mirror of
https://git.openldap.org/openldap/openldap.git
synced 2025-01-06 10:46:21 +08:00
Change default to SSL_PEER_NONE (don't require peer certificate).
This commit is contained in:
parent
57ed8f6458
commit
5518aefda0
@ -199,9 +199,11 @@ ldap_pvt_tls_init_def_ctx( void )
|
||||
if ( tls_opt_trace ) {
|
||||
SSL_CTX_set_info_callback( tls_def_ctx, tls_info_cb );
|
||||
}
|
||||
SSL_CTX_set_verify( tls_def_ctx, (tls_opt_require_cert) ?
|
||||
SSL_CTX_set_verify( tls_def_ctx,
|
||||
tls_opt_require_cert ?
|
||||
(SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT) :
|
||||
SSL_VERIFY_PEER, tls_verify_cb );
|
||||
SSL_VERIFY_NONE,
|
||||
tls_verify_cb );
|
||||
SSL_CTX_set_tmp_rsa_callback( tls_def_ctx, tls_tmp_rsa_cb );
|
||||
/* SSL_CTX_set_tmp_dh_callback( tls_def_ctx, tls_tmp_dh_cb ); */
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user