From d4f1fd56cdcbe7e79ebcf0685269e40a1174e7d3 Mon Sep 17 00:00:00 2001
From: Juan RP <xtraeme@voidlinux.eu>
Date: Wed, 28 Oct 2015 07:36:50 +0100
Subject: [PATCH] NEWS: document libfetch env vars for SSL cert verification.

---
 NEWS | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/NEWS b/NEWS
index 885de91c..e3adb41b 100644
--- a/NEWS
+++ b/NEWS
@@ -13,6 +13,14 @@ xbps-0.48 (???):
 	- SSL/TLS HTTPS client certificate validation.
 	- Fixes for user/password encoding, misc.
 
+   Client certificate validation uses the default CA path (/etc/ssl/certs)
+   and some environment variables override its behaviour:
+
+	- SSL_CA_CERT_FILE: path to the CA file.
+	- SSL_CA_CERT_PATH: path to the CA path (defaults to /etc/ssl/certs)
+	- SSL_NO_VERIFY_PEER: disable certificate verification.
+	- SSL_NO_VERIFY_HOSTNAME: disable certificate hostname verification.
+
  * lixbps: use a sane umask if the pkgdb file needs to created for the first
    time. Thanks to Wolfgang Draxinger (https://github.com/voidlinux/xbps/pull/108).