git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Deal with anonymous SSL giving us no peer certificate.
[exim.git]
/
src
/
src
/
tls-openssl.c
diff --git
a/src/src/tls-openssl.c
b/src/src/tls-openssl.c
index 02db7cd526675c62c97e5c20b49cffb4eba25279..78b28f5e84cabb9fe6210c92e68f235d4458d0d0 100644
(file)
--- a/
src/src/tls-openssl.c
+++ b/
src/src/tls-openssl.c
@@
-1,4
+1,4
@@
-/* $Cambridge: exim/src/src/tls-openssl.c,v 1.2
5 2010/06/05 09:36:11
pdp Exp $ */
+/* $Cambridge: exim/src/src/tls-openssl.c,v 1.2
6 2010/06/05 10:34:29
pdp Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
/*************************************************
* Exim - an Internet mail transport agent *
@@
-833,10
+833,16
@@
if (rc <= 0)
DEBUG(D_tls) debug_printf("SSL_connect succeeded\n");
DEBUG(D_tls) debug_printf("SSL_connect succeeded\n");
+/* Beware anonymous ciphers which lead to server_cert being NULL */
server_cert = SSL_get_peer_certificate (ssl);
server_cert = SSL_get_peer_certificate (ssl);
-tls_peerdn = US X509_NAME_oneline(X509_get_subject_name(server_cert),
- CS txt, sizeof(txt));
-tls_peerdn = txt;
+if (server_cert)
+ {
+ tls_peerdn = US X509_NAME_oneline(X509_get_subject_name(server_cert),
+ CS txt, sizeof(txt));
+ tls_peerdn = txt;
+ }
+else
+ tls_peerdn = NULL;
construct_cipher_name(ssl); /* Sets tls_cipher */
construct_cipher_name(ssl); /* Sets tls_cipher */