From: Jeff King <peff@peff.net>
Date: Tue, 1 Dec 2015 23:54:54 +0000 (-0500)
Subject: Merge branch 'jk/send-email-ca-path'
X-Git-Tag: v2.7.0-rc0~20
X-Git-Url: https://git.lorimer.id.au/gitweb.git/diff_plain/43ed3827ed5ce06692d02e0f0c6809ff5812bb6e?ds=inline;hp=-c

Merge branch 'jk/send-email-ca-path'

Use a safer behavior when we hit errors verifying remote certificates.

* jk/send-email-ca-path:
send-email: die if CA path doesn't exist
---

43ed3827ed5ce06692d02e0f0c6809ff5812bb6e
diff --combined git-send-email.perl
index 719c715360,0eb7a28c37..77cc2cc371
--- a/git-send-email.perl
+++ b/git-send-email.perl
@@@ -239,6 -239,7 +239,6 @@@ my %config_settings = 
      "smtpserveroption" => \@smtp_server_options,
      "smtpuser" => \$smtp_authuser,
      "smtppass" => \$smtp_authpass,
 -    "smtpsslcertpath" => \$smtp_ssl_cert_path,
      "smtpdomain" => \$smtp_domain,
      "smtpauth" => \$smtp_auth,
      "to" => \@initial_to,
@@@ -258,7 -259,6 +258,7 @@@
  
  my %config_path_settings = (
      "aliasesfile" => \@alias_files,
 +    "smtpsslcertpath" => \$smtp_ssl_cert_path,
  );
  
  # Handle Uncouth Termination
@@@ -1196,8 -1196,7 +1196,7 @@@ sub ssl_verify_params 
  		return (SSL_verify_mode => SSL_VERIFY_PEER(),
  			SSL_ca_file => $smtp_ssl_cert_path);
  	} else {
- 		print STDERR "Not using SSL_VERIFY_PEER because the CA path does not exist.\n";
- 		return (SSL_verify_mode => SSL_VERIFY_NONE());
+ 		die "CA path \"$smtp_ssl_cert_path\" does not exist";
  	}
  }