Make smtp transport try server cert verify by default

[exim.git] / src / src / tls-openssl.c

diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index bb17821e474d37fc39c31ebd1fee204041b255c8..ce6b47832843b06b17c4b804f11029b3f954be8e 100644 (file)
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -1686,7 +1686,9 @@ int rc;
    set but both tls_verify_hosts and tls_try_verify_hosts is not set. Check only
    the specified host patterns if one of them is defined */
 
-if (  (!ob->tls_verify_hosts && !ob->tls_try_verify_hosts)
+if (  (  !ob->tls_verify_hosts
+      && (!ob->tls_try_verify_hosts || !*ob->tls_try_verify_hosts)
+      )
    || (verify_check_given_host(&ob->tls_verify_hosts, host) == OK)
    )
   client_verify_optional = FALSE;