From 91f4af7e6af53e1c6bf17ed36cb2161863eddae4 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Jan 23 2013 19:26:42 +0000
Subject: Do SSL CA verification and hostname validation.


---

diff --git a/ipa-client/ipa-join.c b/ipa-client/ipa-join.c
index 64b4c0a..8369e36 100644
--- a/ipa-client/ipa-join.c
+++ b/ipa-client/ipa-join.c
@@ -166,8 +166,8 @@ callRPC(char * user_agent,
     memset(curlXportParmsP, 0, sizeof(*curlXportParmsP));
 
     /* Have curl do SSL certificate validation */
-    curlXportParmsP->no_ssl_verifypeer = 1;
-    curlXportParmsP->no_ssl_verifyhost = 1;
+    curlXportParmsP->no_ssl_verifypeer = 0;
+    curlXportParmsP->no_ssl_verifyhost = 0;
     curlXportParmsP->cainfo = "/etc/ipa/ca.crt";
     curlXportParmsP->user_agent = user_agent;
     /* Enable GSSAPI credentials delegation */