tag 580796 patch
thanks
Find attached a patch to hopefully solve that problem.
Works for me, but please test.
diff --git a/socket.c b/socket.c
index a3adfd8..2ebdfc6 100644
--- a/socket.c
+++ b/socket.c
@@ -1009,8 +1009,8 @@ int SSLOpen(int sock, char *mycert, char *mykey, const char *myproto, int certck
}
}
- if (!certck && (SSL_get_verify_result(_ssl_context[sock]) != X509_V_OK
-|| !_verify_ok)) {
+ if (!certck && !fingerprint &&
+ (SSL_get_verify_result(_ssl_context[sock]) != X509_V_OK || !_verify_ok)) {
report(stderr, GT_("Warning: the connection is insecure, continuing anyways. (Better use --sslcertck!)\n"));
}
