[[ sendEmail - default of SSL_verify_mode of SSL_VERIFY_NONE for client is deprecated ]]

sendEmail - default of SSL_verify_mode of SSL_VERIFY_NONE for client is deprecated

CentOS Linux release 7.5.1804 (Core)
sendemail-1.56-1.el7.noarch
perl-IO-Socket-SSL-1.94-7.el7.noarch

*******************************************************************
 Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client
 is deprecated! Please set SSL_verify_mode to SSL_VERIFY_PEER
 possibly with SSL_ca_file|SSL_ca_path for verification.
 If you really don't want to verify the certificate and keep the
 connection open to Man-In-The-Middle attacks please set
 SSL_verify_mode explicitly to SSL_VERIFY_NONE in your application.
*******************************************************************
  at /usr/bin/sendemail line 1933.
Mar 26 10:06:41 us-plkafka-connect01 sendemail[27668]: Email was sent successfully!

/usr/share/perl5/vendor_perl/IO/Socket/SSL.pm

    # default for SSL_verify_mode should be SSL_VERIFY_PEER for client
    # for now we keep the default of SSL_VERIFY_NONE but complain, if
    # somebody uses this implicit default
    # SSL_verify_mode => undef,  # set to undef to enable secure default
-   SSL_verify_mode => SSL_VERIFY_NONE,
+   SSL_verify_mode => SSL_VERIFY_PEER,






Обсуждение

Ваш комментарий. Вики-синтаксис разрешён:
93 +12 =​
 
practice/bugs/sendemail_ssl_verify_mode.txt · Последнее изменение: 2022/09/08 14:21 — lexa
Gentoo Linux Gentoo Linux Driven by DokuWiki