25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-24 16:23:40 +01:00

Change logic for eldap tls_verify=soft and false

Looks like originally both soft and hard worked the same way, so lets make
them do that, and we also need to add {verify, verify_none} for false case
otherwise it fails on R26.
This commit is contained in:
Paweł Chmielowski 2023-10-26 11:17:17 +02:00
parent 81ceefe2f1
commit 08a78a1654

View File

@ -605,10 +605,10 @@ init([Hosts, Port, Rootdn, Passwd, Opts]) ->
[]), []),
CertOpts; CertOpts;
Verify == soft -> Verify == soft ->
[{verify, verify_none}] ++ CertOpts ++ CacertOpts ++ DepthOpts; [{verify, verify_peer}] ++ CertOpts ++ CacertOpts ++ DepthOpts;
Verify == hard -> Verify == hard ->
[{verify, verify_peer}] ++ CertOpts ++ CacertOpts ++ DepthOpts; [{verify, verify_peer}] ++ CertOpts ++ CacertOpts ++ DepthOpts;
true -> [] true -> [{verify, verify_none}]
end, end,
{ok, connecting, {ok, connecting,
#eldap{hosts = Hosts, port = PortTemp, rootdn = Rootdn, #eldap{hosts = Hosts, port = PortTemp, rootdn = Rootdn,