1 files changed, 12 insertions, 5 deletions

diff --git a/pop3.c b/pop3.c
index 84dbc69c..561a4b59 100644
--- a/pop3.c
+++ b/pop3.c
@@ -307,7 +307,6 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting)
     char *challenge;
 #endif /* OPIE_ENABLE */
 #ifdef SSL_ENABLE
-    char *realhost = ctl->server.via ? ctl->server.via : ctl->server.pollname;
     flag connection_may_have_tls_errors = FALSE;
     flag got_tls = FALSE;
 #endif /* SSL_ENABLE */
@@ -476,6 +475,14 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting)
 
 #ifdef SSL_ENABLE
 	if (maybe_tls(ctl)) {
+	    char *commonname;
+
+	    commonname = ctl->server.pollname;
+	    if (ctl->server.via)
+		commonname = ctl->server.via;
+	    if (ctl->sslcommonname)
+		commonname = ctl->sslcommonname;
+
 	   if (has_stls)
 	   {
 	       /* Use "tls1" rather than ctl->sslproto because tls1 is the only
@@ -484,7 +491,7 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting)
 		* (see below). */
 	       if (gen_transact(sock, "STLS") == PS_SUCCESS
 		       && SSLOpen(sock, ctl->sslcert, ctl->sslkey, "tls1", ctl->sslcertck,
-			   ctl->sslcertpath, ctl->sslfingerprint, realhost,
+			   ctl->sslcertpath, ctl->sslfingerprint, commonname,
 			   ctl->server.pollname, &ctl->remotename) != -1)
 	       {
 		   /*
@@ -508,7 +515,7 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting)
 		   }
 		   if (outlevel >= O_VERBOSE)
 		   {
-		       report(stdout, GT_("%s: upgrade to TLS succeeded.\n"), realhost);
+		       report(stdout, GT_("%s: upgrade to TLS succeeded.\n"), commonname);
 		   }
 	       }
 	   }
@@ -517,7 +524,7 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting)
 	       if (must_tls(ctl)) {
 		   /* Config required TLS but we couldn't guarantee it, so we must
 		    * stop. */
-		   report(stderr, GT_("%s: upgrade to TLS failed.\n"), realhost);
+		   report(stderr, GT_("%s: upgrade to TLS failed.\n"), commonname);
 		   return PS_SOCKET;
 	       } else {
 		   /* We don't know whether the connection is usable, and there's
@@ -528,7 +535,7 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting)
 		   connection_may_have_tls_errors = TRUE;
 		   if (outlevel >= O_VERBOSE)
 		   {
-		       report(stdout, GT_("%s: opportunistic upgrade to TLS failed, trying to continue.\n"), realhost);
+		       report(stdout, GT_("%s: opportunistic upgrade to TLS failed, trying to continue.\n"), commonname);
 		   }
 	       }
 	   }