MEDIUM: httpclient: re-enable the verify by default

Since the httpclient verify now has a fallback which disable the SSL in
the httpclient without exiting haproxy at startup, we can safely
re-enable it by default.

It could still be disabled with "httpclient-ssl-verify none".

diff --git a/src/http_client.c b/src/http_client.c
index 52255becae68760227569b60c2981e03c5c15bdf..69add1a6e9599b441ecfca50786c701237e6ca93 100644 (file)
--- a/src/http_client.c
+++ b/src/http_client.c
@@ -41,7 +41,7 @@ static struct proxy *httpclient_proxy;
 static struct server *httpclient_srv_raw;
 #ifdef USE_OPENSSL
 static struct server *httpclient_srv_ssl;
-static int httpclient_ssl_verify = SSL_SOCK_VERIFY_NONE;
+static int httpclient_ssl_verify = SSL_SOCK_VERIFY_REQUIRED;
 #endif
 static struct applet httpclient_applet;