Module: check_mk
Branch: master
Commit: 9ebf08d3e9ca033e387c3b185c2e16a0c5f27619
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=9ebf08d3e9ca03…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Mon May 28 17:20:26 2018 +0200
6184 FIX LDAP: LDAP connection was not correctly using the sites trusted CAs
Change-Id: I226a3aac078f510b0f4a74c1cf5010c289490bef
---
.werks/6184 | 11 +++++++++++
web/plugins/userdb/ldap.py | 2 ++
2 files changed, 13 insertions(+)
diff --git a/.werks/6184 b/.werks/6184
new file mode 100644
index 0000000..6fe0476
--- /dev/null
+++ b/.werks/6184
@@ -0,0 +1,11 @@
+Title: LDAP: LDAP connection was not correctly using the sites trusted CAs
+Level: 1
+Component: wato
+Class: fix
+Compatible: compat
+Edition: cre
+State: unknown
+Version: 1.6.0i1
+Date: 1527520797
+
+
diff --git a/web/plugins/userdb/ldap.py b/web/plugins/userdb/ldap.py
index f58d2ca..0aa505b 100644
--- a/web/plugins/userdb/ldap.py
+++ b/web/plugins/userdb/ldap.py
@@ -232,6 +232,8 @@ class LDAPUserConnector(UserConnector):
conn.set_option(ldap.OPT_X_TLS_CACERTFILE,
"%s/var/ssl/ca-certificates.crt" %
cmk.paths.omd_root)
+ conn.set_option(ldap.OPT_X_TLS_NEWCTX, 0)
+
self.default_bind(conn)
return conn, None