Merge branch 'jk/send-email-ca-path'
authorJeff King <peff@peff.net>
Tue, 1 Dec 2015 23:54:54 +0000 (18:54 -0500)
committerJeff King <peff@peff.net>
Tue, 1 Dec 2015 23:54:54 +0000 (18:54 -0500)
Use a safer behavior when we hit errors verifying remote certificates.

* jk/send-email-ca-path:
send-email: die if CA path doesn't exist

git-send-email.perl
index 719c7153607ce298e0ce9409587a32d9576f346a..77cc2cc3712a61fc54926d40267336251136dcec 100755 (executable)
@@ -1196,8 +1196,7 @@ sub ssl_verify_params {
                return (SSL_verify_mode => SSL_VERIFY_PEER(),
                        SSL_ca_file => $smtp_ssl_cert_path);
        } else {
-               print STDERR "Not using SSL_VERIFY_PEER because the CA path does not exist.\n";
-               return (SSL_verify_mode => SSL_VERIFY_NONE());
+               die "CA path \"$smtp_ssl_cert_path\" does not exist";
        }
 }