+#endif
+#ifdef EXPERIMENTAL_TPDA
+ if (tlsp == &tls_out && client_static_cbinfo->event_action)
+ {
+ tlsp->peercert = X509_dup(cert);
+ if (tpda_raise_event(client_static_cbinfo->event_action,
+ US"tls:cert", string_sprintf("%d", depth)) == DEFER)
+ {
+ log_write(0, LOG_MAIN, "SSL verify denied by event-action: "
+ "depth=%d cert=%s", depth, txt);
+ tlsp->certificate_verified = FALSE;
+ *calledp = TRUE;
+ return 0; /* reject */
+ }
+ X509_free(tlsp->peercert);
+ tlsp->peercert = NULL;
+ }