OpenSSL: Capture peercert/dn in mainline not verify-callback. Bug 1571

[exim.git] / src / src / verify.c

diff --git a/src/src/verify.c b/src/src/verify.c
index d39e103ac99f45ca8f26cd0bd0a702f04f65c929..ec75ce5ce3b3fec2d090c722a4ce38ea6dfd5872 100644 (file)
--- a/src/src/verify.c
+++ b/src/src/verify.c
@@ -636,7 +636,7 @@ can do it there for the non-rcpt-verify case.  For this we keep an addresscount.
     outblock.authenticating = FALSE;
 
     /* Reset the parameters of a TLS session */
-    tls_out.cipher = tls_out.peerdn = NULL;
+    tls_out.cipher = tls_out.peerdn = tls_out.peercert = NULL;
 
     /* Connect to the host; on failure, just loop for the next one, but we
     set the error for the last one. Use the callout_connect timeout. */