[checkmk-commits] 6184 FIX LDAP: LDAP connection was not correctly using the sites trusted CAs

Module: check_mk Branch: master Commit: 9ebf08d3e9ca033e387c3b185c2e16a0c5f27619 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=9ebf08d3e9ca03… Author: Lars Michelsen <lm(a)mathias-kettner.de> Date: Mon May 28 17:20:26 2018 +0200 6184 FIX LDAP: LDAP connection was not correctly using the sites trusted CAs Change-Id: I226a3aac078f510b0f4a74c1cf5010c289490bef --- .werks/6184 | 11 +++++++++++ web/plugins/userdb/ldap.py | 2 ++ 2 files changed, 13 insertions(+) diff --git a/.werks/6184 b/.werks/6184 new file mode 100644 index 0000000..6fe0476 --- /dev/null +++ b/.werks/6184 @@ -0,0 +1,11 @@ +Title: LDAP: LDAP connection was not correctly using the sites trusted CAs +Level: 1 +Component: wato +Class: fix +Compatible: compat +Edition: cre +State: unknown +Version: 1.6.0i1 +Date: 1527520797 + + diff --git a/web/plugins/userdb/ldap.py b/web/plugins/userdb/ldap.py index f58d2ca..0aa505b 100644 --- a/web/plugins/userdb/ldap.py +++ b/web/plugins/userdb/ldap.py @@ -232,6 +232,8 @@ class LDAPUserConnector(UserConnector): conn.set_option(ldap.OPT_X_TLS_CACERTFILE, "%s/var/ssl/ca-certificates.crt" % cmk.paths.omd_root) + conn.set_option(ldap.OPT_X_TLS_NEWCTX, 0) + self.default_bind(conn) return conn, None