Chapril
/
xmpp.chapril.org-ejabberd
mirror of https://github.com/processone/ejabberd.git
24
1
Fork 0
Code Releases Activity

Don't set fail_if_no_peer_cert for eldap ssl client connections 

Looks like R26 generates error when this option is used for client
connection, let's just use verify_peer/verify_none for
ldap_tls_verify hard/soft options.

This should fix issue #4110.
This commit is contained in:
Paweł Chmielowski 2023-10-25 20:31:50 +02:00
parent 36fffa5b23
commit c2d04bc478
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/eldap.erl
View File

@ -605,9 +605,9 @@ init([Hosts, Port, Rootdn, Passwd, Opts]) ->
[]),
CertOpts;
Verify == soft ->
[{verify, verify_peer}, {fail_if_no_peer_cert, false}] ++ CertOpts ++ CacertOpts ++ DepthOpts;
[{verify, verify_none}] ++ CertOpts ++ CacertOpts ++ DepthOpts;
Verify == hard ->
[{verify, verify_peer}, {fail_if_no_peer_cert, true}] ++ CertOpts ++ CacertOpts ++ DepthOpts;
[{verify, verify_peer}] ++ CertOpts ++ CacertOpts ++ DepthOpts;
true -> []
end,
{ok, connecting,