From c2d04bc478e8507fb00e07add720171d71cb8a2f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pawe=C5=82=20Chmielowski?= <pawel@process-one.net>
Date: Wed, 25 Oct 2023 20:31:50 +0200
Subject: [PATCH] Don't set fail_if_no_peer_cert for eldap ssl client
 connections

Looks like R26 generates error when this option is used for client
connection, let's just use verify_peer/verify_none for
ldap_tls_verify hard/soft options.

This should fix issue #4110.
---
 src/eldap.erl | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/eldap.erl b/src/eldap.erl
index 3a9d8974c..dc360a866 100644
--- a/src/eldap.erl
+++ b/src/eldap.erl
@@ -605,9 +605,9 @@ init([Hosts, Port, Rootdn, Passwd, Opts]) ->
 				  []),
 		     CertOpts;
 		 Verify == soft ->
-		     [{verify, verify_peer}, {fail_if_no_peer_cert, false}] ++ CertOpts ++ CacertOpts ++ DepthOpts;
+		     [{verify, verify_none}] ++ CertOpts ++ CacertOpts ++ DepthOpts;
 		 Verify == hard ->
-		     [{verify, verify_peer}, {fail_if_no_peer_cert, true}] ++ CertOpts ++ CacertOpts ++ DepthOpts;
+		     [{verify, verify_peer}] ++ CertOpts ++ CacertOpts ++ DepthOpts;
 		 true -> []
 	      end,
     {ok, connecting,