-/* $Cambridge: exim/src/src/tls-openssl.c,v 1.23 2010/06/05 09:10:10 pdp Exp $ */
+/* $Cambridge: exim/src/src/tls-openssl.c,v 1.26 2010/06/05 10:34:29 pdp Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
DEBUG(D_tls) debug_printf("SSL_connect succeeded\n");
+/* Beware anonymous ciphers which lead to server_cert being NULL */
server_cert = SSL_get_peer_certificate (ssl);
-tls_peerdn = US X509_NAME_oneline(X509_get_subject_name(server_cert),
- CS txt, sizeof(txt));
-tls_peerdn = txt;
+if (server_cert)
+ {
+ tls_peerdn = US X509_NAME_oneline(X509_get_subject_name(server_cert),
+ CS txt, sizeof(txt));
+ tls_peerdn = txt;
+ }
+else
+ tls_peerdn = NULL;
construct_cipher_name(ssl); /* Sets tls_cipher */
/* Handle genuine errors */
+ else if (error == SSL_ERROR_SSL)
+ {
+ ERR_error_string(ERR_get_error(), ssl_errstring);
+ log_write(0, LOG_MAIN, "TLS error (SSL_read): %s", ssl_errstring);
+ ssl_xfer_error = 1;
+ return EOF;
+ }
+
else if (error != SSL_ERROR_NONE)
{
DEBUG(D_tls) debug_printf("Got SSL error %d\n", error);