Take peer verification config into account in verify function

This works around a limitation in the ssl module, which does not honour verify_none
author: Emile Joubert <emile@rabbitmq.com> 2010-08-24 14:56:27 +0100
committer: Emile Joubert <emile@rabbitmq.com> 2010-08-24 14:56:27 +0100
commit: 7585c95b3afb1dcb10f1641d415a93e99886294d (patch)
tree: 7da2ff00b53cd5847e940ba3d62e8c8bac93e7ff /src
parent: 74c283c36726b52b17e44a9400c80ab31ab46abf (diff)
download: rabbitmq-server-git-7585c95b3afb1dcb10f1641d415a93e99886294d.tar.gz
1 files changed, 9 insertions, 3 deletions
diff --git a/src/rabbit_networking.erl b/src/rabbit_networking.erl
index 5457bde4c0..4c3b9bbd0c 100644
--- a/src/rabbit_networking.erl
+++ b/src/rabbit_networking.erl
@@ -108,9 +108,15 @@ boot_ssl() ->
         {ok, SslListeners} ->
             ok = rabbit_misc:start_applications([crypto, public_key, ssl]),
             {ok, SslOptsConfig} = application:get_env(ssl_options),
-            SslOpts = [{verify_fun, fun([])    -> true;
-                                       ([_|_]) -> false
-                                    end} | SslOptsConfig],
+            VerifyFun =
+              fun([])    -> true;
+                 ([_|_]) ->
+                case proplists:get_value(verify, SslOptsConfig, verify_none) of
+                  verify_none -> true;
+                  verify_peer -> false
+                end
+              end,
+            SslOpts = [{verify_fun, VerifyFun} | SslOptsConfig],
             [start_ssl_listener(Host, Port, SslOpts) || {Host, Port} <- SslListeners],
             ok
     end.
author	Emile Joubert <emile@rabbitmq.com>	2010-08-24 14:56:27 +0100
committer	Emile Joubert <emile@rabbitmq.com>	2010-08-24 14:56:27 +0100
commit	7585c95b3afb1dcb10f1641d415a93e99886294d (patch)
tree	7da2ff00b53cd5847e940ba3d62e8c8bac93e7ff /src
parent	74c283c36726b52b17e44a9400c80ab31ab46abf (diff)
download	rabbitmq-server-git-7585c95b3afb1dcb10f1641d415a93e99886294d.tar.gz