From 08a78a1654947046d2288a6660775feab5416b42 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pawe=C5=82=20Chmielowski?= <pawel@process-one.net>
Date: Thu, 26 Oct 2023 11:17:17 +0200
Subject: [PATCH] Change logic for eldap tls_verify=soft and false

Looks like originally both soft and hard worked the same way, so lets make
them do that, and we also need to add {verify, verify_none} for false case
otherwise it fails on R26.
---
 src/eldap.erl | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/eldap.erl b/src/eldap.erl
index dc360a866..3676bd09a 100644
--- a/src/eldap.erl
+++ b/src/eldap.erl
@@ -605,10 +605,10 @@ init([Hosts, Port, Rootdn, Passwd, Opts]) ->
 				  []),
 		     CertOpts;
 		 Verify == soft ->
-		     [{verify, verify_none}] ++ CertOpts ++ CacertOpts ++ DepthOpts;
+		     [{verify, verify_peer}] ++ CertOpts ++ CacertOpts ++ DepthOpts;
 		 Verify == hard ->
 		     [{verify, verify_peer}] ++ CertOpts ++ CacertOpts ++ DepthOpts;
-		 true -> []
+		 true -> [{verify, verify_none}]
 	      end,
     {ok, connecting,
      #eldap{hosts = Hosts, port = PortTemp, rootdn = Rootdn,