diff options
author | Ramkumar Ramachandra <artagnon@gmail.com> | 2013-07-18 09:53:11 -0700 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2013-07-18 16:01:30 -0700 |
commit | 35035bbf074d1a4c59cd5f99282c12197105da08 (patch) | |
tree | 8cd36b1fccfd9414cb6d71de1793016d4c77deb9 /Documentation | |
parent | 531c8dd4fb18e653d6170d367e4b23c3164d5ce0 (diff) | |
download | git-35035bbf074d1a4c59cd5f99282c12197105da08.tar.gz |
send-email: be explicit with SSL certificate verificationrr/send-email-ssl-verify
When initiating an SSL connection without explicitly specifying the
SSL certificate verification mode, Net::SMTP::SSL defaults to no
verification, but recent versions of the module gives a warning
against this use of the default.
Enable certificate verification by default, using /etc/ssl/certs as
the default path for certificates of certificate authorities. This
path can be overriden by the --smtp-ssl-cert-path command line
option and the sendemail.smtpSSLCertPath configuration variable.
Passing an empty string as the path for CA certificates path disables
the SSL certificate verification explicitly, which does not trigger
the warning from recent versions of Net::SMTP::SSL.
Signed-off-by: Ramkumar Ramachandra <artagnon@gmail.com>
Helped-by: Brian M. Carlson <sandals@crustytoothpaste.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'Documentation')
-rw-r--r-- | Documentation/config.txt | 4 | ||||
-rw-r--r-- | Documentation/git-send-email.txt | 6 |
2 files changed, 10 insertions, 0 deletions
diff --git a/Documentation/config.txt b/Documentation/config.txt index 6e53fc5074..4de154ca67 100644 --- a/Documentation/config.txt +++ b/Documentation/config.txt @@ -2022,6 +2022,10 @@ sendemail.smtpencryption:: sendemail.smtpssl:: Deprecated alias for 'sendemail.smtpencryption = ssl'. +sendemail.smtpsslcertpath:: + Path to ca-certificates (either a directory or a single file). + Set it to an empty string to disable certificate verification. + sendemail.<identity>.*:: Identity-specific versions of the 'sendemail.*' parameters found below, taking precedence over those when the this diff --git a/Documentation/git-send-email.txt b/Documentation/git-send-email.txt index 40a9a9abc1..f0e57a597b 100644 --- a/Documentation/git-send-email.txt +++ b/Documentation/git-send-email.txt @@ -198,6 +198,12 @@ must be used for each option. --smtp-ssl:: Legacy alias for '--smtp-encryption ssl'. +--smtp-ssl-cert-path:: + Path to ca-certificates (either a directory or a single file). + Set it to an empty string to disable certificate verification. + Defaults to the value set to the 'sendemail.smtpsslcertpath' + configuration variable, if set, or `/etc/ssl/certs` otherwise. + --smtp-user=<user>:: Username for SMTP-AUTH. Default is the value of 'sendemail.smtpuser'; if a username is not specified (with '--smtp-user' or 'sendemail.smtpuser'), |