Omit warning of insecure connection if --sslfingerprint matches.

Fixes Debian Bug#580796 reported by Roland Stigge.
author: Matthias Andree <matthias.andree@gmx.de> 2010-05-09 03:18:42 +0200
committer: Matthias Andree <matthias.andree@gmx.de> 2010-05-09 03:18:42 +0200
commit: 8476bffcb54f81d028bcd86e2a9090161738a980 (patch)
tree: a1d2fc7f04bfb1492e57e864016a8d69049129a3 /socket.c
parent: 3a5789cd5d442012a870e84b851f3f246c8b264b (diff)
download: fetchmail-8476bffcb54f81d028bcd86e2a9090161738a980.tar.gz
fetchmail-8476bffcb54f81d028bcd86e2a9090161738a980.tar.bz2
fetchmail-8476bffcb54f81d028bcd86e2a9090161738a980.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/socket.c b/socket.c
index a3adfd80..2ebdfc6a 100644
--- a/socket.c
+++ b/socket.c
@@ -1009,8 +1009,8 @@ int SSLOpen(int sock, char *mycert, char *mykey, const char *myproto, int certck
 		}
 	}
 
-	if (!certck && (SSL_get_verify_result(_ssl_context[sock]) != X509_V_OK
-|| !_verify_ok)) {
+	if (!certck && !fingerprint &&
+		(SSL_get_verify_result(_ssl_context[sock]) != X509_V_OK || !_verify_ok)) {
 		report(stderr, GT_("Warning: the connection is insecure, continuing anyways. (Better use --sslcertck!)\n"));
 	}
author	Matthias Andree <matthias.andree@gmx.de>	2010-05-09 03:18:42 +0200
committer	Matthias Andree <matthias.andree@gmx.de>	2010-05-09 03:18:42 +0200
commit	8476bffcb54f81d028bcd86e2a9090161738a980 (patch)
tree	a1d2fc7f04bfb1492e57e864016a8d69049129a3 /socket.c
parent	3a5789cd5d442012a870e84b851f3f246c8b264b (diff)
download	fetchmail-8476bffcb54f81d028bcd86e2a9090161738a980.tar.gz fetchmail-8476bffcb54f81d028bcd86e2a9090161738a980.tar.bz2 fetchmail-8476bffcb54f81d028bcd86e2a9090161738a980.zip