From 21701a1299cd6b64db5b2fb3765f578ff1f9fc6b Mon Sep 17 00:00:00 2001
From: Ailin Nemui <ailin@d5401s.localdomain>
Date: Tue, 31 Aug 2021 17:29:43 +0200
Subject: [PATCH] do not unconditionally enable tls on /connect -!

---
 src/core/servers-setup.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/core/servers-setup.c b/src/core/servers-setup.c
index b1f57a99..82e5f6be 100644
--- a/src/core/servers-setup.c
+++ b/src/core/servers-setup.c
@@ -191,8 +191,10 @@ static void server_setup_fill_optlist(SERVER_CONNECT_REC *conn, GHashTable *optl
 
 	/* ad-hoc TLS settings from command optlist */
 	if ((tmp = g_hash_table_lookup(optlist, "tls_cert")) != NULL ||
-	    (tmp = g_hash_table_lookup(optlist, "ssl_cert")) != NULL)
+	    (tmp = g_hash_table_lookup(optlist, "ssl_cert")) != NULL) {
 		conn->tls_cert = g_strdup(tmp);
+		conn->use_tls = TRUE;
+	}
 	if ((tmp = g_hash_table_lookup(optlist, "tls_pkey")) != NULL ||
 	    (tmp = g_hash_table_lookup(optlist, "ssl_pkey")) != NULL)
 		conn->tls_pkey = g_strdup(tmp);
@@ -220,10 +222,10 @@ static void server_setup_fill_optlist(SERVER_CONNECT_REC *conn, GHashTable *optl
 	if (g_hash_table_lookup(optlist, "notls_verify") != NULL)
 		conn->tls_verify = FALSE;
 	if (g_hash_table_lookup(optlist, "tls_verify") != NULL ||
-	    g_hash_table_lookup(optlist, "ssl_verify") != NULL)
+	    g_hash_table_lookup(optlist, "ssl_verify") != NULL) {
 		conn->tls_verify = TRUE;
-	if ((conn->tls_cert != NULL && conn->tls_cert[0] != '\0') || conn->tls_verify)
 		conn->use_tls = TRUE;
+	}
 	if (g_hash_table_lookup(optlist, "notls") != NULL)
 		conn->use_tls = FALSE;
 	if (g_hash_table_lookup(optlist, "tls") != NULL ||