diff options
| author | Jeremy Harris <jgh146exb@wizmail.org> | 2019-10-21 17:18:28 +0100 |
|---|---|---|
| committer | Jeremy Harris <jgh146exb@wizmail.org> | 2019-10-21 17:31:47 +0100 |
| commit | 4ed67f68df666fe38076e3bfd2183db71e742c7a (patch) | |
| tree | 709ab7db62ed740e7deb6d8f4a593afd5f973c2a /src | |
| parent | 9f6563c0ee45cfb670a38fb97362abd85b60395f (diff) | |
Fix logging of DANE, client-side under LibreSSL
Diffstat (limited to 'src')
| -rw-r--r-- | src/src/tls-openssl.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c index bd9796971..e45ebd3be 100644 --- a/src/src/tls-openssl.c +++ b/src/src/tls-openssl.c @@ -2347,7 +2347,11 @@ if (tlsp->peercert) for resumption next to the TLS session, and used here. */ if (!tlsp->verify_override) - tlsp->certificate_verified = SSL_get_verify_result(ssl) == X509_V_OK; + tlsp->certificate_verified = +#ifdef SUPPORT_DANE + tlsp->dane_verified || +#endif + SSL_get_verify_result(ssl) == X509_V_OK; } } @@ -2720,7 +2724,7 @@ if (rc <= 0) case SSL_ERROR_SSL: { uschar * s = US"SSL_accept"; - ulong e = ERR_peek_error(); + unsigned long e = ERR_peek_error(); if (ERR_GET_REASON(e) == SSL_R_WRONG_VERSION_NUMBER) s = string_sprintf("%s (%s)", s, SSL_get_version(server_ssl)); (void) tls_error(s, NULL, sigalrm_seen ? US"timed out" : NULL, errstr); |