From 8476bffcb54f81d028bcd86e2a9090161738a980 Mon Sep 17 00:00:00 2001
From: Matthias Andree <matthias.andree@gmx.de>
Date: Sun, 9 May 2010 03:18:42 +0200
Subject: Omit warning of insecure connection if --sslfingerprint matches.

Fixes Debian Bug#580796 reported by Roland Stigge.
---
 socket.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'socket.c')

diff --git a/socket.c b/socket.c
index a3adfd80..2ebdfc6a 100644
--- a/socket.c
+++ b/socket.c
@@ -1009,8 +1009,8 @@ int SSLOpen(int sock, char *mycert, char *mykey, const char *myproto, int certck
 		}
 	}
 
-	if (!certck && (SSL_get_verify_result(_ssl_context[sock]) != X509_V_OK
-|| !_verify_ok)) {
+	if (!certck && !fingerprint &&
+		(SSL_get_verify_result(_ssl_context[sock]) != X509_V_OK || !_verify_ok)) {
 		report(stderr, GT_("Warning: the connection is insecure, continuing anyways. (Better use --sslcertck!)\n"));
 	}
 
-- 
cgit v1.2.3