From: grarpamp <gra...@gm...> - 2013-09-05 07:57:38
Noticed a situation where sslcertck on an expired cert is preventing access even though I've specified a fingerprint. This happens often when the service provider is up and running just fine, but their management failed to plan for cert renewals. End result, lock yourself out of mail till the service renews, or lose both sslcertck and fingerprint security to regain mail access. Not an ideal situation, especially over hostile networks. IMO, if a user has specified a cert fp, yes, please warn if any other cert check fails, but do not error out. Or at least make warn the default action, and erroring out a configurable option.