journal-upload: also disable VERIFYHOST when --trust=all is used

author Luca Boccassi <luca.boccassi@gmail.com>

Mon, 13 Apr 2026 20:02:10 +0000 (21:02 +0100)

committer Luca Boccassi <luca.boccassi@gmail.com>

Tue, 14 Apr 2026 16:32:02 +0000 (17:32 +0100)
author Luca Boccassi <luca.boccassi@gmail.com>
Mon, 13 Apr 2026 20:02:10 +0000 (21:02 +0100)
committer Luca Boccassi <luca.boccassi@gmail.com>
Tue, 14 Apr 2026 16:32:02 +0000 (17:32 +0100)
diff --git a/src/journal-remote/journal-upload.c b/src/journal-remote/journal-upload.c

index c6123146a5507a22c0263ff92481129f357dc24b..b3b4154f094f51c4add681d4b269ea442ad01b81 100644 (file)
--- a/src/journal-remote/journal-upload.c
+++ b/src/journal-remote/journal-upload.c
@@ -307,10 +307,13 @@ int start_upload(Uploader *u,
                                      LOG_ERR, return -EXFULL);
                  }
  
-                if (STRPTR_IN_SET(arg_trust, "-", "all"))
+                if (STRPTR_IN_SET(arg_trust, "-", "all")) {
+                        log_info("Server certificate verification disabled.");
                          easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L,
                                      LOG_ERR, return -EUCLEAN);
-                else if (arg_trust || startswith(u->url, "https://"))
+                        easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L,
+                                    LOG_ERR, return -EUCLEAN);
+                } else if (arg_trust || startswith(u->url, "https://"))
                          easy_setopt(curl, CURLOPT_CAINFO, arg_trust ?: TRUST_FILE,
                                      LOG_ERR, return -EXFULL);
author	Luca Boccassi <luca.boccassi@gmail.com>
	Mon, 13 Apr 2026 20:02:10 +0000 (21:02 +0100)
committer	Luca Boccassi <luca.boccassi@gmail.com>
	Tue, 14 Apr 2026 16:32:02 +0000 (17:32 +0100)