From 7cf89887c3a77a65b1eb59373936fa8cd82a66a2 Mon Sep 17 00:00:00 2001
From: Wojtek Mach <wojtek@wojtekmach.pl>
Date: Mon, 1 Jul 2024 14:17:28 +0200
Subject: [PATCH] Remove `Application.ensure_all_started(:ssl)`

We already have `:ssl` in `:extra_applications`.
---
 lib/tds/protocol.ex | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/lib/tds/protocol.ex b/lib/tds/protocol.ex
index f899704..e81b498 100644
--- a/lib/tds/protocol.ex
+++ b/lib/tds/protocol.ex
@@ -423,7 +423,23 @@ defmodule Tds.Protocol do
   end
 
   defp ssl_connect(%{sock: {:gen_tcp, sock}, opts: opts} = s) do
-    {:ok, _} = Application.ensure_all_started(:ssl)
+    {ssl_opts, opts} =
+      case Keyword.pop(opts, :ssl, false) do
+        {false, opts} ->
+          {nil, opts}
+
+        {true, opts} ->
+          Logger.warning(
+            "setting ssl: true on your database connection offers only limited protection, " <>
+              "as the server's certificate is not verified. Set \"ssl: [cacertfile: \"/path/to/cacert.crt\"]\" instead"
+          )
+
+          # Read ssl_opts for backwards compatibility
+          Keyword.pop(opts, :ssl_opts, [])
+
+        {ssl_opts, opts} when is_list(ssl_opts) ->
+          {Keyword.merge(default_ssl_opts(), ssl_opts), opts}
+      end
 
     case Tds.Tls.connect(sock, opts[:ssl_opts] || []) do
       {:ok, ssl_sock} ->