From b0be7be05d4f6d630dc8e94a798255e44171b341 Mon Sep 17 00:00:00 2001
From: Patrick Othmer <info@patrick-othmer.de>
Date: Thu, 23 Nov 2023 00:29:44 +0100
Subject: [PATCH] Use rejectUnauthorized: conf.verifyTLSCertificate if no TLS
 is activated

Use rejectUnauthorized: conf.verifyTLSCertificate if no TLS is activated since ldaps could be used.
---
 server/modules/authentication/ldap/authentication.js | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/server/modules/authentication/ldap/authentication.js b/server/modules/authentication/ldap/authentication.js
index 29d21482..d2b8aacd 100644
--- a/server/modules/authentication/ldap/authentication.js
+++ b/server/modules/authentication/ldap/authentication.js
@@ -75,11 +75,7 @@ module.exports = {
 }
 
 function getTlsOptions(conf) {
-  if (!conf.tlsEnabled) {
-    return {}
-  }
-
-  if (!conf.tlsCertPath) {
+  if (!conf.tlsEnabled || !conf.tlsCertPath) {
     return {
       rejectUnauthorized: conf.verifyTLSCertificate
     }