diff options
-rw-r--r-- | smtpd/ssl_smtpd.c | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/smtpd/ssl_smtpd.c b/smtpd/ssl_smtpd.c index a30a6f10..194e0a63 100644 --- a/smtpd/ssl_smtpd.c +++ b/smtpd/ssl_smtpd.c @@ -69,16 +69,18 @@ ssl_mta_init(char *cert, off_t cert_len, char *key, off_t key_len) if (!SSL_set_ssl_method(ssl, SSLv23_client_method())) goto err; - x509 = SSL_get_certificate(ssl); - now = time(NULL); - notBefore = X509_get_notBefore(x509); - notAfter = X509_get_notAfter(x509); + if (cert != NULL) { + x509 = SSL_get_certificate(ssl); + now = time(NULL); + notBefore = X509_get_notBefore(x509); + notAfter = X509_get_notAfter(x509); - if (notBefore && X509_cmp_time(notBefore, &now) < 0) - log_warnx("smtp-out: certificate is not valid yet"); + if (notBefore && X509_cmp_time(notBefore, &now) < 0) + log_warnx("smtp-out: certificate is not valid yet"); - if (notAfter && X509_cmp_time(notAfter, &now) < 0) - log_warnx("smtp-out: certificate has expired"); + if (notAfter && X509_cmp_time(notAfter, &now) < 0) + log_warnx("smtp-out: certificate has expired"); + } return (void *)(ssl); |