From: Luca Boccassi Date: Mon, 13 Apr 2026 20:02:10 +0000 (+0100) Subject: journal-upload: also disable VERIFYHOST when --trust=all is used X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F41626%2Fhead;p=thirdparty%2Fsystemd.git journal-upload: also disable VERIFYHOST when --trust=all is used When --trust=all disables CURLOPT_SSL_VERIFYPEER, the residual CURLOPT_SSL_VERIFYHOST check is ineffective since an attacker can present a self-signed certificate with the expected hostname. Disable both for consistency and log that server certificate verification is disabled. Follow-up for 8847551bcbfa8265bae04f567bb1aadc7b480325
---
diff --git a/src/journal-remote/journal-upload.c b/src/journal-remote/journal-upload.c
index c4eab80a1fc..e6cb5dabc26 100644
--- a/src/journal-remote/journal-upload.c
+++ b/src/journal-remote/journal-upload.c
@@ -307,10 +307,13 @@ int start_upload(Uploader *u,
 LOG_ERR, return -EXFULL);
 }
- if (STRPTR_IN_SET(arg_trust, "-", "all"))
+ if (STRPTR_IN_SET(arg_trust, "-", "all")) {
+ log_info("Server certificate verification disabled.");
 easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L,
 LOG_ERR, return -EUCLEAN);
- else if (arg_trust || startswith(u->url, "https://"))
+ easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L,
+ LOG_ERR, return -EUCLEAN);
+ } else if (arg_trust || startswith(u->url, "https://"))
 easy_setopt(curl, CURLOPT_CAINFO, arg_trust ?: TRUST_FILE,
 LOG_ERR, return -EXFULL);
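Review bot: The added `log_info("Server certificate verification disabled.")` reports a complete loss of server authentication at a level that is easy to filter out, and it names neither the cause nor the endpoint; with both CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST set to 0L the journal stream goes to whichever host answers at `u->url`. I would raise it to a warning and say why and where, e.g. `log_warning("--trust=%s: TLS server certificate and hostname verification disabled for %s.", arg_trust, u->url);`. A short comment above the two `easy_setopt()` calls, such as `/* Without peer verification the hostname check adds nothing, so disable both together. */`, would keep a later change from re-enabling only one of them. This branch does not check the URL scheme (only the `else if` does), so the message is also printed for a non-https URL; start_upload() begins and ends outside the hunk, so whether it is logged once per process or once per upload cannot be seen from here.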