From 5518aefda0c0f46475258e143a8df84c7262d7a1 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Fri, 1 Sep 2000 23:24:17 +0000 Subject: [PATCH] Change default to SSL_PEER_NONE (don't require peer certificate). --- libraries/libldap/tls.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/libraries/libldap/tls.c b/libraries/libldap/tls.c index 4f64d783fd..f06c466266 100644 --- a/libraries/libldap/tls.c +++ b/libraries/libldap/tls.c @@ -199,9 +199,11 @@ ldap_pvt_tls_init_def_ctx( void ) if ( tls_opt_trace ) { SSL_CTX_set_info_callback( tls_def_ctx, tls_info_cb ); } - SSL_CTX_set_verify( tls_def_ctx, (tls_opt_require_cert) ? + SSL_CTX_set_verify( tls_def_ctx, + tls_opt_require_cert ? (SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT) : - SSL_VERIFY_PEER, tls_verify_cb ); + SSL_VERIFY_NONE, + tls_verify_cb ); SSL_CTX_set_tmp_rsa_callback( tls_def_ctx, tls_tmp_rsa_cb ); /* SSL_CTX_set_tmp_dh_callback( tls_def_ctx, tls_tmp_dh_cb ); */ } -- 2.39.5