summaryrefslogtreecommitdiff
path: root/src/src/verify.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/src/verify.c')
-rw-r--r--src/src/verify.c20
1 files changed, 4 insertions, 16 deletions
diff --git a/src/src/verify.c b/src/src/verify.c
index 8cc67f1b1..f799ff1de 100644
--- a/src/src/verify.c
+++ b/src/src/verify.c
@@ -1576,13 +1576,7 @@ if (address[0] == 0) return OK;
they're used in the context of a transport used by verification. Reset them
at exit from this routine. */
-modify_variable(US"tls_bits", &tls_out.bits);
-modify_variable(US"tls_certificate_verified", &tls_out.certificate_verified);
-modify_variable(US"tls_cipher", &tls_out.cipher);
-modify_variable(US"tls_peerdn", &tls_out.peerdn);
-#if defined(SUPPORT_TLS) && !defined(USE_GNUTLS)
-modify_variable(US"tls_sni", &tls_out.sni);
-#endif
+tls_modify_variables(&tls_out);
/* Save a copy of the sender address for re-instating if we change it to <>
while verifying a sender address (a nice bit of self-reference there). */
@@ -1756,6 +1750,7 @@ while (addr_new != NULL)
(void)host_find_byname(host, NULL, flags, &canonical_name, TRUE);
else
(void)host_find_bydns(host, NULL, flags, NULL, NULL, NULL,
+ NULL, NULL, /*XXX todo: dnssec */
&canonical_name, NULL);
}
}
@@ -2041,14 +2036,7 @@ for (addr_list = addr_local, i = 0; i < 2; addr_list = addr_remote, i++)
the -bv or -bt case). */
out:
-
-modify_variable(US"tls_bits", &tls_in.bits);
-modify_variable(US"tls_certificate_verified", &tls_in.certificate_verified);
-modify_variable(US"tls_cipher", &tls_in.cipher);
-modify_variable(US"tls_peerdn", &tls_in.peerdn);
-#if defined(SUPPORT_TLS) && !defined(USE_GNUTLS)
-modify_variable(US"tls_sni", &tls_in.sni);
-#endif
+tls_modify_variables(&tls_in);
return yield;
}
@@ -3559,7 +3547,7 @@ revadd[0] = 0;
/* In case this is the first time the DNS resolver is being used. */
-dns_init(FALSE, FALSE);
+dns_init(FALSE, FALSE, FALSE); /*XXX dnssec? */
/* Loop through all the domains supplied, until something matches */