From 030078b7bf67a4307623f1a5c58284561ff64a56 Mon Sep 17 00:00:00 2001 From: Laurent Bercot Date: Mon, 13 Apr 2026 03:32:51 +0000 Subject: Implement --no-verify-cert for s6-tlsc and s6-tlsc-io --- src/stls/stls_client_init_and_handshake.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'src/stls') diff --git a/src/stls/stls_client_init_and_handshake.c b/src/stls/stls_client_init_and_handshake.c index 6f0e248..d68d3a9 100644 --- a/src/stls/stls_client_init_and_handshake.c +++ b/src/stls/stls_client_init_and_handshake.c @@ -64,7 +64,9 @@ struct tls *stls_client_init_and_handshake (int const *fds, tain const *tto, uin if (tls_config_set_ecdhecurve(cfg, "auto") < 0) diecfg(cfg, "tls_config_set_ecdhecurve") ; - tls_config_verify(cfg) ; + if (preoptions & 2) tls_config_insecure_noverifycert(cfg) ; + else tls_config_verify(cfg) ; + tls_config_set_protocols(cfg, TLS_PROTOCOLS_ALL) ; tls_config_prefer_ciphers_server(cfg) ; if (!servername) tls_config_insecure_noverifyname(cfg) ; -- cgit v1.3.1