Do not suggest nonsensical OpenSSL verify modes [ci skip]
SSL_set_verify(3) explains: SSL_VERIFY_FAIL_IF_NO_PEER_CERT Server mode: if the client did not return a certificate, the TLS/SSL handshake is immediately terminated with a "handshake failure" alert. This flag must be used together with SSL_VERIFY_PEER. Client mode: ignored SSL_VERIFY_CLIENT_ONCE Server mode: only request a client certificate on the initial TLS/SSL handshake. Do not ask for a client certificate again in case of a renegotiation. This flag must be used together with SSL_VERIFY_PEER. Client mode: ignored The SMTP connection here uses a OpenSSL socket in client mode, suggesting invalid/ignored flags is rather misleading.
Showing
想要评论请 注册 或 登录