]> git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
projects / thirdparty / freeradius-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: edef705)
We really only want to verify the client by default
authorArran Cudbard-Bell <a.cudbardb@freeradius.org>
Fri, 8 Oct 2021 21:40:14 +0000 (16:40 -0500)
committerArran Cudbard-Bell <a.cudbardb@freeradius.org>
Fri, 8 Oct 2021 21:40:14 +0000 (16:40 -0500)
src/lib/tls/conf.c patch | blob | blame | history

diff --git a/src/lib/tls/conf.c b/src/lib/tls/conf.c
index 651afab9da91b73fcf522fe16937a0250eabcc49..0fae16940ee2d65ea5f575c32e41f5d0d947ad82 100644 (file)
--- a/src/lib/tls/conf.c
+++ b/src/lib/tls/conf.c
@@ -143,7 +143,7 @@ static CONF_PARSER tls_verify_config[] = {
                                .table = verify_mode_table,
                                .len = &verify_mode_table_len
                         },
-                        .dflt = "client-and-issuer" },
+                        .dflt = "client" }, /* Don't change this */
        { FR_CONF_OFFSET("check_crl", FR_TYPE_BOOL, fr_tls_verify_conf_t, check_crl), .dflt = "no" },
        { FR_CONF_OFFSET("allow_expired_crl", FR_TYPE_BOOL, fr_tls_verify_conf_t, allow_expired_crl) },
        CONF_PARSER_TERMINATOR
Mirror of https://github.com/FreeRADIUS/freeradius-server.git