diff options
| author | Matthias Andree <matthias.andree@gmx.de> | 2015-11-15 12:07:02 +0100 |
|---|---|---|
| committer | Matthias Andree <matthias.andree@gmx.de> | 2015-11-15 12:07:02 +0100 |
| commit | 6adcb0cc60e672ea36e3044451c9683b2eb49d64 (patch) | |
| tree | 2697341bdd9f0e3811c70421770a9cb94671c51d /fetchmail.c | |
| parent | 9be5aeaeba1041e7cce034832dace6c0f0b64c82 (diff) | |
| download | fetchmail-6adcb0cc60e672ea36e3044451c9683b2eb49d64.tar.gz fetchmail-6adcb0cc60e672ea36e3044451c9683b2eb49d64.tar.bz2 fetchmail-6adcb0cc60e672ea36e3044451c9683b2eb49d64.zip | |
Enable --sslcertck by default.
There are no sslcertck (rcfile) and --nosslcertck (command line) options
that can be combined with [--]sslfingerprint if so desired.
The documentation is deliberately not updated everywhere, so that
recommendations to use --sslcertck stand, this is for the benefit of
users that read fetchmail v6.4.0 manuals to configure a fetchmail v6.3.X
implementation.
Diffstat (limited to 'fetchmail.c')
| -rw-r--r-- | fetchmail.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/fetchmail.c b/fetchmail.c index 0758d3e3..3250a0f6 100644 --- a/fetchmail.c +++ b/fetchmail.c @@ -1268,7 +1268,7 @@ static int load_params(int argc, char **argv, int optind) DEFAULT(ctl->server.dns, TRUE); DEFAULT(ctl->server.uidl, FALSE); DEFAULT(ctl->use_ssl, FALSE); - DEFAULT(ctl->sslcertck, FALSE); + DEFAULT(ctl->sslcertck, TRUE); DEFAULT(ctl->server.checkalias, FALSE); #ifndef SSL_ENABLE /* @@ -1720,6 +1720,8 @@ static void dump_params (struct runctl *runp, printf(GT_(" SSL protocol: %s.\n"), ctl->sslproto); if (ctl->sslcertck) { printf(GT_(" SSL server certificate checking enabled.\n")); + } else { + printf(GT_(" SSL server certificate checking disabled.\n")); } if (ctl->sslcertfile != NULL) printf(GT_(" SSL trusted certificate file: %s\n"), ctl->sslcertfile); |