From 170f8f79628db12c6660d7dde861e906882c3e5f Mon Sep 17 00:00:00 2001
From: robobun <robobun@oven.sh>
Date: Mon, 19 Jan 2026 22:47:18 -0800
Subject: [PATCH] fix(tls): use correct variable in setVerifyMode (#26255)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

## Summary
- Fix typo in `setVerifyMode` where `reject_unauthorized` was
incorrectly reading from `request_cert_js` instead of
`reject_unauthorized_js`

## Test plan
- Existing TLS renegotiation tests pass
- Code inspection shows the fix is correct (simple variable name typo)

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-authored-by: Claude Bot <claude-bot@bun.sh>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
---
 src/bun.js/api/bun/socket/tls_socket_functions.zig | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/bun.js/api/bun/socket/tls_socket_functions.zig b/src/bun.js/api/bun/socket/tls_socket_functions.zig
index dca683de4e..5277aa7798 100644
--- a/src/bun.js/api/bun/socket/tls_socket_functions.zig
+++ b/src/bun.js/api/bun/socket/tls_socket_functions.zig
@@ -556,7 +556,7 @@ pub fn setVerifyMode(this: *This, globalObject: *jsc.JSGlobalObject, callframe:
     }
 
     const request_cert = request_cert_js.toBoolean();
-    const reject_unauthorized = request_cert_js.toBoolean();
+    const reject_unauthorized = reject_unauthorized_js.toBoolean();
     var verify_mode: c_int = BoringSSL.SSL_VERIFY_NONE;
     if (this.isServer()) {
         if (request_cert) {