CVE-2016-2113: docs-xml: let "tls verify peer" default to "as_strict_as_possible"
[samba.git] / lib / param / loadparm.c
index 43defc171ff3c5e4cbec810659b471b75c7e1917..5c9f6a1114d286f038edff5b7c5e03b24956a5cf 100644 (file)
@@ -2674,7 +2674,7 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx)
        lpcfg_do_global_parameter(lp_ctx, "min wins ttl", "21600");
 
        lpcfg_do_global_parameter(lp_ctx, "tls enabled", "True");
-       lpcfg_do_global_parameter(lp_ctx, "tls verify peer", "no_check");
+       lpcfg_do_global_parameter(lp_ctx, "tls verify peer", "as_strict_as_possible");
        lpcfg_do_global_parameter(lp_ctx, "tls keyfile", "tls/key.pem");
        lpcfg_do_global_parameter(lp_ctx, "tls certfile", "tls/cert.pem");
        lpcfg_do_global_parameter(lp_ctx, "tls cafile", "tls/ca.pem");