From 91f4af7e6af53e1c6bf17ed36cb2161863eddae4 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Tue, 13 Nov 2012 17:42:07 -0500
Subject: Do SSL CA verification and hostname validation.

---
 ipa-client/ipa-join.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ipa-client/ipa-join.c b/ipa-client/ipa-join.c
index 64b4c0ac6..8369e360f 100644
--- a/ipa-client/ipa-join.c
+++ b/ipa-client/ipa-join.c
@@ -166,8 +166,8 @@ callRPC(char * user_agent,
     memset(curlXportParmsP, 0, sizeof(*curlXportParmsP));
 
     /* Have curl do SSL certificate validation */
-    curlXportParmsP->no_ssl_verifypeer = 1;
-    curlXportParmsP->no_ssl_verifyhost = 1;
+    curlXportParmsP->no_ssl_verifypeer = 0;
+    curlXportParmsP->no_ssl_verifyhost = 0;
     curlXportParmsP->cainfo = "/etc/ipa/ca.crt";
     curlXportParmsP->user_agent = user_agent;
     /* Enable GSSAPI credentials delegation */
-- 
cgit