u/pc/rhodecode-enterprise-ce-fork-pc Commit - r3227:75c71c31

ldap: ensure the proper cert files and dirs are set....

marcink -

r3227:75c71c31 default

parent child

rhodecode/authentication/plugins/auth_ldap.py

0 +9 -2

             RhodeCode authentication plugin for LDAP
             """
+            import os
             import logging
             import traceback
                     if self.debug:
                         ldap.set_option(ldap.OPT_DEBUG_LEVEL, 255)
-                    if hasattr(ldap, 'OPT_X_TLS_CACERTDIR'):
+                    default_cert_path = os.environ.get('SSL_CERT_FILE')
-                        ldap.set_option(ldap.OPT_X_TLS_CACERTDIR, '/etc/openldap/cacerts')
+                    default_cert_dir = os.environ.get('SSL_CERT_DIR', '/etc/openldap/cacerts')
+                    if default_cert_path and hasattr(ldap, 'OPT_X_TLS_CACERTFILE'):
+                        ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, default_cert_path)
+                    elif hasattr(ldap, 'OPT_X_TLS_CACERTDIR'):
+                            ldap.set_option(ldap.OPT_X_TLS_CACERTDIR, default_cert_dir)
                     if self.TLS_KIND != 'PLAIN':
                         ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, self.TLS_REQCERT)

General Comments 0

You need to be logged in to leave comments. Login now

No TODOs yet

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages