Do not panic-log each clamd connection fail. Bug 392

[user/henk/code/exim.git] / src / src / tls-openssl.c

diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index bb17821e474d37fc39c31ebd1fee204041b255c8..24ae3ea7eabd51725908594800026f7d2bbe0a3b 100644 (file)
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -1686,7 +1686,9 @@ int rc;
    set but both tls_verify_hosts and tls_try_verify_hosts is not set. Check only
    the specified host patterns if one of them is defined */
 
-if (  (!ob->tls_verify_hosts && !ob->tls_try_verify_hosts)
+if (  (  !ob->tls_verify_hosts
+      && (!ob->tls_try_verify_hosts || !*ob->tls_try_verify_hosts)
+      )
    || (verify_check_given_host(&ob->tls_verify_hosts, host) == OK)
    )
   client_verify_optional = FALSE;
@@ -1762,7 +1764,7 @@ if (found)
   return OK;
 
 log_write(0, LOG_MAIN, "DANE error: No usable TLSA records");
-return FAIL;
+return DEFER;
 }
 #endif /*EXPERIMENTAL_DANE*/