journal-upload: also disable VERIFYHOST when --trust=all is used

author Luca Boccassi <luca.boccassi@gmail.com>

Mon, 13 Apr 2026 20:02:10 +0000 (21:02 +0100)

committer Luca Boccassi <luca.boccassi@gmail.com>

Mon, 13 Apr 2026 21:11:50 +0000 (22:11 +0100)
author Luca Boccassi <luca.boccassi@gmail.com>
Mon, 13 Apr 2026 20:02:10 +0000 (21:02 +0100)
committer Luca Boccassi <luca.boccassi@gmail.com>
Mon, 13 Apr 2026 21:11:50 +0000 (22:11 +0100)
diff --git a/src/journal-remote/journal-upload.c b/src/journal-remote/journal-upload.c

index c4eab80a1fc5a40effdfb2e0778e4e0c70c22a0f..e6cb5dabc265501bbf9d98ff6177236fc7ce59e5 100644 (file)
--- a/src/journal-remote/journal-upload.c
+++ b/src/journal-remote/journal-upload.c
@@ -307,10 +307,13 @@ int start_upload(Uploader *u,
                                      LOG_ERR, return -EXFULL);
                  }
  
-                if (STRPTR_IN_SET(arg_trust, "-", "all"))
+                if (STRPTR_IN_SET(arg_trust, "-", "all")) {
+                        log_info("Server certificate verification disabled.");
                          easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L,
                                      LOG_ERR, return -EUCLEAN);
-                else if (arg_trust || startswith(u->url, "https://"))
+                        easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L,
+                                    LOG_ERR, return -EUCLEAN);
+                } else if (arg_trust || startswith(u->url, "https://"))
                          easy_setopt(curl, CURLOPT_CAINFO, arg_trust ?: TRUST_FILE,
                                      LOG_ERR, return -EXFULL);
author	Luca Boccassi <luca.boccassi@gmail.com>
	Mon, 13 Apr 2026 20:02:10 +0000 (21:02 +0100)
committer	Luca Boccassi <luca.boccassi@gmail.com>
	Mon, 13 Apr 2026 21:11:50 +0000 (22:11 +0100)