From 35035bbf074d1a4c59cd5f99282c12197105da08 Mon Sep 17 00:00:00 2001 From: Ramkumar Ramachandra Date: Thu, 18 Jul 2013 09:53:11 -0700 Subject: send-email: be explicit with SSL certificate verification When initiating an SSL connection without explicitly specifying the SSL certificate verification mode, Net::SMTP::SSL defaults to no verification, but recent versions of the module gives a warning against this use of the default. Enable certificate verification by default, using /etc/ssl/certs as the default path for certificates of certificate authorities. This path can be overriden by the --smtp-ssl-cert-path command line option and the sendemail.smtpSSLCertPath configuration variable. Passing an empty string as the path for CA certificates path disables the SSL certificate verification explicitly, which does not trigger the warning from recent versions of Net::SMTP::SSL. Signed-off-by: Ramkumar Ramachandra Helped-by: Brian M. Carlson Signed-off-by: Junio C Hamano --- Documentation/git-send-email.txt | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'Documentation/git-send-email.txt') diff --git a/Documentation/git-send-email.txt b/Documentation/git-send-email.txt index 40a9a9abc1..f0e57a597b 100644 --- a/Documentation/git-send-email.txt +++ b/Documentation/git-send-email.txt @@ -198,6 +198,12 @@ must be used for each option. --smtp-ssl:: Legacy alias for '--smtp-encryption ssl'. +--smtp-ssl-cert-path:: + Path to ca-certificates (either a directory or a single file). + Set it to an empty string to disable certificate verification. + Defaults to the value set to the 'sendemail.smtpsslcertpath' + configuration variable, if set, or `/etc/ssl/certs` otherwise. + --smtp-user=:: Username for SMTP-AUTH. Default is the value of 'sendemail.smtpuser'; if a username is not specified (with '--smtp-user' or 'sendemail.smtpuser'), -- cgit v1.2.3