Merge branch 'rk/send-email-ssl-cert'

gitster · gitster · commit de20e4472157 · 2014-01-27T10:44:34.000-08:00
The "if /etc/ssl/certs/ directory exists, explicitly telling the
library to use it as SSL_ca_path" blind-defaulting in "git
send-email" broke platforms where /etc/ssl/certs/ directory exists,
but it cannot used as SSL_ca_path (e.g. Fedora rawhide).  Fix it by
not specifying any SSL_ca_path/SSL_ca_file but still asking for peer
verification in such a case.

* rk/send-email-ssl-cert:
  send-email: /etc/ssl/certs/ directory may not be usable as ca_path
diff --git a/git-send-email.perl b/git-send-email.perl
@@ -1095,7 +1095,8 @@ sub ssl_verify_params {
 	}
 
 	if (!defined $smtp_ssl_cert_path) {
-		$smtp_ssl_cert_path = "/etc/ssl/certs";
+		# use the OpenSSL defaults
+		return (SSL_verify_mode => SSL_VERIFY_PEER());
 	}
 
 	if ($smtp_ssl_cert_path eq "") {

Original file line number	Diff line number	Diff line change
`@@ -1095,7 +1095,8 @@ sub ssl_verify_params {`
`1095`	`1095`	`}`
`1096`	`1096`
`1097`	`1097`	`if (!defined $smtp_ssl_cert_path) {`
`1098`		`- $smtp_ssl_cert_path = "/etc/ssl/certs";`
	`1098`	`+ # use the OpenSSL defaults`
	`1099`	`+ return (SSL_verify_mode => SSL_VERIFY_PEER());`
`1099`	`1100`	`}`
`1100`	`1101`
`1101`	`1102`	`if ($smtp_ssl_cert_path eq "") {`