Only equip with peer cert when transport is TLS

2017-03-25 21:26:05 +01:00 · 2017-03-25 21:26:05 +01:00 · 5f6e47d091
parent a2efd8f6c1
commit 5f6e47d091
1 changed files with 6 additions and 4 deletions
--- a/src/stub.c
+++ b/src/stub.c
@ -1673,13 +1673,15 @@ upstream_write_cb(void *userarg)
 		return;

 	default:
-		cert = SSL_get_peer_certificate(netreq->upstream->tls_obj);
-		assert(netreq->debug_tls_peer_cert.data == NULL);
+		if (netreq->upstream->tls_obj &&
+		    (cert = SSL_get_peer_certificate(netreq->upstream->tls_obj))) {
+			assert(netreq->debug_tls_peer_cert.data == NULL);

+			netreq->debug_tls_peer_cert.size = i2d_X509(
+			    cert, &netreq->debug_tls_peer_cert.data);
+		}
 		/* Need this because auth status is reset on connection close */
 		netreq->debug_tls_auth_status = netreq->upstream->tls_auth_state;
-		netreq->debug_tls_peer_cert.size = i2d_X509(
-		    cert, &netreq->debug_tls_peer_cert.data);
 		upstream->queries_sent++;
 		netreq->query_id = (uint16_t) q;
 		/* Unqueue the netreq from the write_queue */