From 4c6084ab6841809e09a387f1cb8d31668ce6d2e9 Mon Sep 17 00:00:00 2001
From: Robert Scheck <robert@fedoraproject.org>
Date: Thu, 28 Jan 2021 11:31:50 +0100
Subject: [PATCH] Repair LDAP_REJECT_UNAUTHORIZED=false (broken by commit
 31f8912, fixes #3493)

Previous commit 31f89121fecca5a761b05cc3a26d4f237e90b484 happened to fix
CVE-2021-3309, but unfortunately breaks LDAP_REJECT_UNAUTHORIZED=false.
---
 packages/wekan-ldap/server/ldap.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/wekan-ldap/server/ldap.js b/packages/wekan-ldap/server/ldap.js
index fb522e2f3..28d053f32 100644
--- a/packages/wekan-ldap/server/ldap.js
+++ b/packages/wekan-ldap/server/ldap.js
@@ -19,7 +19,7 @@ export default class LDAP {
       idle_timeout                       : this.constructor.settings_get('LDAP_IDLE_TIMEOUT'),
       encryption                         : this.constructor.settings_get('LDAP_ENCRYPTION'),
       ca_cert                            : this.constructor.settings_get('LDAP_CA_CERT'),
-      reject_unauthorized                : this.constructor.settings_get('LDAP_REJECT_UNAUTHORIZED') || true,
+      reject_unauthorized                : this.constructor.settings_get('LDAP_REJECT_UNAUTHORIZED') !== undefined ? this.constructor.settings_get('LDAP_REJECT_UNAUTHORIZED') : true,
       Authentication                     : this.constructor.settings_get('LDAP_AUTHENTIFICATION'),
       Authentication_UserDN              : this.constructor.settings_get('LDAP_AUTHENTIFICATION_USERDN'),
       Authentication_Password            : this.constructor.settings_get('LDAP_AUTHENTIFICATION_PASSWORD'),