From 70833d3ba54e6acb5cda39810e8f250cd8ef41ec Mon Sep 17 00:00:00 2001
From: Nicolas Di Gregorio <nicolas.digregorio@gmail.com>
Date: Wed, 21 Feb 2018 08:01:16 +0100
Subject: [PATCH] Fixing SSL_verify_mode deprecated warning.

Fixing SSL_verify_mode deprecated warning:
*******************************************************************
 Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client
 is deprecated! Please set SSL_verify_mode to SSL_VERIFY_PEER
 together with SSL_ca_file|SSL_ca_path for verification.
 If you really don't want to verify the certificate and keep the
 connection open to Man-In-The-Middle attacks please set
 SSL_verify_mode explicitly to SSL_VERIFY_NONE in your application.
*******************************************************************
---
 ddclient | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ddclient b/ddclient
index 6053c1c..d4cdce6 100755
--- a/ddclient
+++ b/ddclient
@@ -2037,6 +2037,8 @@ sub geturl {
             Proto => 'tcp',
             MultiHomed => 1,
             Timeout => opt('timeout'),
+	    SSL_verify_mode => 'SSL_VERIFY_PEER',
+            SSL_ca_path => '/etc/pki/tls/certs/',
         );
 	    defined $sd or warning("cannot connect to $peer:$port socket: $@ " . IO::Socket::SSL::errstr());
     } elsif ($globals{'ipv6'}) {