Enable --sslcertck by default.

There are no sslcertck (rcfile) and --nosslcertck (command line) options
that can be combined with [--]sslfingerprint if so desired.

The documentation is deliberately not updated everywhere, so that
recommendations to use --sslcertck stand, this is for the benefit of
users that read fetchmail v6.4.0 manuals to configure a fetchmail v6.3.X
implementation.

5 files changed, 62 insertions, 27 deletions

diff --git a/NEWS b/NEWS
index cc925786..d67d49f8 100644
--- a/NEWS
+++ b/NEWS
@@ -61,14 +61,15 @@ fetchmail-6.4.0 (not yet released):
 # NOTE THAT FETCHMAIL IS NO LONGER PUBLISHED THROUGH IBIBLIO.
 * They have stopped accepting submissions and consider themselves an archive.
 
-## SECURITY FIXES THAT AFFECT BEHAVIOUR AND MAY WANT RECONFIGURATION
+## SECURITY FIXES THAT AFFECT BEHAVIOUR AND MAY REQUIRE RECONFIGURATION
 * Fetchmail no longer supports SSLv2.
+
 * Fetchmail no longer attempts to negotiate SSLv3 by default,
   even with --sslproto ssl23. Fetchmail can now use SSLv3, or TLSv1.1 or a newer
-  TLS version, with STLS/STARTTLS (it would previously force TLSv1.0).  If the
-  OpenSSL version used at build and run-time supports these versions, --sslproto
-  ssl3 can be used to enable this specific version.  Doing so is discouraged
-  because these protocols are broken.
+  TLS version, with STLS/STARTTLS (it would previously force TLSv1.0 with
+  STARTTLS).  If the OpenSSL version used at build and run-time supports these
+  versions, --sslproto ssl3 and --sslproto ssl3+ can be used to re-enable SSLv3.
+  Doing so is discouraged because these SSLv3 protocol is broken.
 
   Along the lines suggested - as patch - by Kurt Roeckx, Debian Bug #768843.
 
@@ -77,14 +78,20 @@ fetchmail-6.4.0 (not yet released):
   ssl3, --sslproto tls1 to --sslproto auto, so that they can enable TLSv1.1 and
   TLSv1.2 on systems with OpenSSL 1.0.1 or newer.
 
-  The --sslproto option now understands the values auto, tls1+, tls1.1+,
-  tls1.2+ (case insensitively).
+  The --sslproto option now understands the values auto, ssl3+, tls1+, tls1.1, 
+  tls1.1+, tls1.2, tls1.2+ (case insensitively).
+
+* Fetchmail defaults to --sslcertck behaviour. A new option --nosslcertck to
+  override this has been added, but may be removed in future fetchmail versions
+  in favour of another configuration option that makes the insecurity in using
+  this option clearer.
 
 ## CHANGES
 * fetchmail 6.3.X is unsupported.
 * Fetchmail now supports --sslproto auto and --sslproto tls1+ (same as ssl23).
 * --sslproto tls1.1+ and tls1.2+ are now supported for auto-negotiation with a
-  minimum specified TLS protocol version.
+  minimum specified TLS protocol version, and --sslproto tls1.1 and --sslproto
+  tls1.2 to force the specified TLS protocol version.
 * Fetchmail now detects if the server hangs up prematurely during SSL_connect()
   and reports this condition as such, and not just as SSL connection failure.
   (OpenSSL 1.0.2 reported incompatible with pop3.live.com by Jerry Seibert).
diff --git a/fetchmail.c b/fetchmail.c
index 0758d3e3..3250a0f6 100644
--- a/fetchmail.c
+++ b/fetchmail.c
@@ -1268,7 +1268,7 @@ static int load_params(int argc, char **argv, int optind)
 	    DEFAULT(ctl->server.dns, TRUE);
 	    DEFAULT(ctl->server.uidl, FALSE);
 	    DEFAULT(ctl->use_ssl, FALSE);
-	    DEFAULT(ctl->sslcertck, FALSE);
+	    DEFAULT(ctl->sslcertck, TRUE);
 	    DEFAULT(ctl->server.checkalias, FALSE);
 #ifndef SSL_ENABLE
 	    /*
@@ -1720,6 +1720,8 @@ static void dump_params (struct runctl *runp,
 	    printf(GT_("  SSL protocol: %s.\n"), ctl->sslproto);
 	if (ctl->sslcertck) {
 	    printf(GT_("  SSL server certificate checking enabled.\n"));
+	} else {
+	    printf(GT_("  SSL server certificate checking disabled.\n"));
 	}
 	if (ctl->sslcertfile != NULL)
 		printf(GT_("  SSL trusted certificate file: %s\n"), ctl->sslcertfile);
diff --git a/fetchmail.man b/fetchmail.man
index aa1aa75f..e75500a6 100644
--- a/fetchmail.man
+++ b/fetchmail.man
@@ -414,11 +414,9 @@ from. The folder information is written only since version 6.3.4.
 (Keyword: ssl)
 .br
 Causes the connection to the mail server to be encrypted via SSL, by
-negotiating SSL directly after connecting (SSL-wrapped mode).  It is
-highly recommended to use \-\-sslcertck to validate the certificates
-presented by the server.  Please see the description of \-\-sslproto
-below!  More information is available in the \fIREADME.SSL\fP file that
-ships with fetchmail.
+negotiating SSL directly after connecting (SSL-wrapped mode).
+Please see the description of \-\-sslproto below!  More information is
+available in the \fIREADME.SSL\fP file that ships with fetchmail.
 .IP
 Note that even if this option is omitted, fetchmail may still negotiate
 SSL in-band for POP3 or IMAP, through the STLS or STARTTLS feature.  You
@@ -527,16 +525,17 @@ NOTE: you should hardly ever need to use anything other than '' (to
 force an unencrypted connection) or 'auto' (to enforce TLS).
 .TP
 .B \-\-sslcertck
-(Keyword: sslcertck)
+(Keyword: sslcertck, default enabled since v6.4.0)
 .br
-Causes fetchmail to require that SSL/TLS be used and disconnect if it
-can not successfully negotiate SSL or TLS, or if it cannot successfully
-verify and validate the certificate and follow it to a trust anchor (or
-trusted root certificate). The trust anchors are given as a set of local
-trusted certificates (see the \fBsslcertfile\fP and \fBsslcertpath\fP
-options). If the server certificate cannot be obtained or is not signed
-by one of the trusted ones (directly or indirectly), fetchmail will
-disconnect, regardless of the \fBsslfingerprint\fP option.
+.B \-\-sslcertck causes fetchmail to require that SSL/TLS be used and
+disconnect if it can not successfully negotiate SSL or TLS, or if it
+cannot successfully verify and validate the certificate and follow it to
+a trust anchor (or trusted root certificate). The trust anchors are
+given as a set of local trusted certificates (see the \fBsslcertfile\fP
+and \fBsslcertpath\fP options). If the server certificate cannot be
+obtained or is not signed by one of the trusted ones (directly or
+indirectly), fetchmail will disconnect, regardless of the
+\fBsslfingerprint\fP option.
 .IP
 Note that CRL (certificate revocation lists) are only supported in
 OpenSSL 0.9.7 and newer! Your system clock should also be reasonably
@@ -545,6 +544,13 @@ accurate when using this option.
 Note that this optional behavior may become default behavior in future
 fetchmail versions.
 .TP
+.B \-\-nosslcertck
+(Keyword: no sslcertck, only in v6.4.X)
+.br
+The opposite of \-\-sslcertck, this is a disouraged option. It permits
+fetchmail to continue connecting even if the server certificate failed
+the verification checks.  Should only be used together with
+\-\-sslfingerprint.
 .B \-\-sslcertfile <file>
 (Keyword: sslcertfile, since v6.3.17)
 .br
@@ -603,12 +609,12 @@ fingerprint with the given one, and the connection will fail if they do not
 match, regardless of the \fBsslcertck\fP setting. The connection will
 also fail if fetchmail cannot obtain an SSL certificate from the server.
 This can be used to prevent man-in-the-middle attacks, but the finger
-print from the server needs to be obtained or verified over a secure
+print from the server must be obtained or verified over a secure
 channel, and certainly not over the same Internet connection that
 fetchmail would use.
 .IP
 Using this option will prevent printing certificate verification errors
-as long as \-\-sslcertck is unset.
+as long as \-\-nosslcertck is in effect.
 .IP
 To obtain the fingerprint of a certificate stored in the file cert.pem,
 try:
@@ -1281,7 +1287,7 @@ control file option is used, fetchmail will instead abort if any of
 these checks fail, because it must assume that there is a
 man-in-the-middle attack in this scenario, hence fetchmail must not
 expose cleartext passwords. Use of the sslcertck or \-\-sslcertck option
-is therefore advised.
+is therefore advised; it has become the default in fetchmail 6.4.0.
 .PP
 Some SSL encrypted servers may request a client side certificate.  A client
 side public SSL certificate and private SSL key may be specified.  If
@@ -1880,12 +1886,24 @@ T}
 sslcert 	\&	\&	T{
 Specify file for \fBclient side\fP public SSL certificate
 T}
+sslcertck	\&	\&	T{
+Enable strict certificate checking and abort connection on failure.
+T}
+no sslcertck	\&	\&	T{
+Disable strict certificate checking and permit connections to continue
+on failed verification. Discouraged. Should only be used together with
+sslfingerprint.
+T}
 sslcertfile	\&	\&	T{
 Specify file with trusted CA certificates
 T}
 sslcertpath	\&	\&	T{
 Specify c_rehash-ed directory with trusted CA certificates.
 T}
+sslfingerprint	<HASH> \&	\&	T{
+Specify the expected server certificat finger print. Fetchmail will
+disconnect and log an error if it does not match.
+T}
 sslkey  	\&	\&	T{
 Specify file for \fBclient side\fP private SSL key
 T}
diff --git a/options.c b/options.c
index d53044fc..15928b34 100644
--- a/options.c
+++ b/options.c
@@ -45,6 +45,7 @@ enum {
     LA_SSLCERT,
     LA_SSLPROTO,
     LA_SSLCERTCK,
+    LA_NOSSLCERTCK,
     LA_SSLCERTFILE,
     LA_SSLCERTPATH,
     LA_SSLCOMMONNAME,
@@ -132,6 +133,7 @@ static const struct option longoptions[] = {
   {"sslcert",	required_argument, (int *) 0, LA_SSLCERT },
   {"sslproto",	 required_argument, (int *) 0, LA_SSLPROTO },
   {"sslcertck", no_argument,	   (int *) 0, LA_SSLCERTCK },
+  {"nosslcertck", no_argument,	   (int *) 0, LA_NOSSLCERTCK },
   {"sslcertfile",   required_argument, (int *) 0, LA_SSLCERTFILE },
   {"sslcertpath",   required_argument, (int *) 0, LA_SSLCERTPATH },
   {"sslcommonname",    required_argument, (int *) 0, LA_SSLCOMMONNAME },
@@ -562,6 +564,10 @@ int parsecmdline (int argc /** argument count */,
 	    ctl->sslcertck = FLAG_TRUE;
 	    break;
 
+	case LA_NOSSLCERTCK:
+	    ctl->sslcertck = FLAG_FALSE;
+	    break;
+
 	case LA_SSLCERTFILE:
 	    ctl->sslcertfile = prependdir(optarg, currentwd);
 	    break;
@@ -647,6 +653,7 @@ int parsecmdline (int argc /** argument count */,
 	P(GT_("      --sslkey      ssl private key file\n"));
 	P(GT_("      --sslcert     ssl client certificate\n"));
 	P(GT_("      --sslcertck   do strict server certificate check (recommended)\n"));
+	P(GT_("      --nosslcertck skip strict server certificate check (insecure)\n"));
 	P(GT_("      --sslcertfile path to trusted-CA ssl certificate file\n"));
 	P(GT_("      --sslcertpath path to trusted-CA ssl certificate directory\n"));
 	P(GT_("      --sslcommonname  expect this CommonName from server (discouraged)\n"));
diff --git a/rcfile_y.y b/rcfile_y.y
index 91de6146..70615661 100644
--- a/rcfile_y.y
+++ b/rcfile_y.y
@@ -362,7 +362,8 @@ user_option	: TO mapping_list HERE
 		| NO MIMEDECODE		{current.mimedecode  = FLAG_FALSE;}
 		| NO IDLE		{current.idle        = FLAG_FALSE;}
 
-		| NO SSL 	        {current.use_ssl     = FLAG_FALSE;}
+		| NO SSL		{current.use_ssl     = FLAG_FALSE;}
+		| NO SSLCERTCK		{current.sslcertck   = FLAG_FALSE;}
 
 		| LIMIT NUMBER		{current.limit       = NUM_VALUE_IN($2);}
 		| WARNINGS NUMBER	{current.warnings    = NUM_VALUE_IN($2);}