summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJulian Andres Klode <jak@debian.org>2017-07-03 14:31:41 +0200
committerJulian Andres Klode <jak@debian.org>2017-07-03 15:06:26 +0200
commit55673e5476f86ffae8969bfc3a47237f3eeb7720 (patch)
treef6f954ac2494a2ccc6310527b7b99bdb3b4fba3e
parenta742bac161759e2b265a4d4d5f5527f6035d8e58 (diff)
Do not error out, only warn if ca certificates are not available
This probably makes more sense if Verify-Peer is set to off.
-rw-r--r--methods/connect.cc10
1 files changed, 5 insertions, 5 deletions
diff --git a/methods/connect.cc b/methods/connect.cc
index f90474059..d82d3d1a8 100644
--- a/methods/connect.cc
+++ b/methods/connect.cc
@@ -684,11 +684,11 @@ bool UnwrapTLS(std::string Host, std::unique_ptr<MethodFd> &Fd,
if (fileinfo.empty())
{
// No CaInfo specified, use system trust store.
- if ((err = gnutls_certificate_set_x509_system_trust(tlsFd->credentials)) <= 0)
- return _error->Error("Could not load system TLS certificates: %s",
- err == 0
- ? "No certificates available. Try installing ca-certificates."
- : gnutls_strerror(err));
+ err = gnutls_certificate_set_x509_system_trust(tlsFd->credentials);
+ if (err == 0)
+ Owner->Warning("No system certificates available. Try installing ca-certificates.");
+ else if (err < 0)
+ return _error->Error("Could not load system TLS certificates: %s", gnutls_strerror(err));
}
else
{