u/pc/rhodecode-enterprise-ce-fork-pc Commit - r3227:75c71c31

ldap: ensure the proper cert files and dirs are set....

marcink -

r3227:75c71c31 default

parent child

rhodecode/authentication/plugins/auth_ldap.py

0 +9 -2

              RhodeCode authentication plugin for LDAP
              """
+             import os
              import logging
              import traceback
                      if self.debug:
                          ldap.set_option(ldap.OPT_DEBUG_LEVEL, 255)
-                     if hasattr(ldap, 'OPT_X_TLS_CACERTDIR'):
-                         ldap.set_option(ldap.OPT_X_TLS_CACERTDIR, '/etc/openldap/cacerts')
+                     default_cert_path = os.environ.get('SSL_CERT_FILE')
+                     default_cert_dir = os.environ.get('SSL_CERT_DIR', '/etc/openldap/cacerts')
+                     if default_cert_path and hasattr(ldap, 'OPT_X_TLS_CACERTFILE'):
+                         ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, default_cert_path)
+                     elif hasattr(ldap, 'OPT_X_TLS_CACERTDIR'):
+                             ldap.set_option(ldap.OPT_X_TLS_CACERTDIR, default_cert_dir)
                      if self.TLS_KIND != 'PLAIN':
                          ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, self.TLS_REQCERT)

General Comments 0

You need to be logged in to leave comments. Login now

No TODOs yet

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages