[sysadmin-bin] Make sure we pass on the correct CA for the LDAP service

From: Andrea Veri <averi src gnome org>
To: gnome-sysadmin gnome org,commits-list gnome org
Subject: [sysadmin-bin] Make sure we pass on the correct CA for the LDAP service
Date: Mon, 1 Oct 2018 14:43:05 +0000 (UTC)

commit 4cb75b4e85fa878ac8441eb912c61a24b6677707
Author: Andrea Veri <averi redhat com>
Date:   Mon Oct 1 16:42:02 2018 +0200

    Make sure we pass on the correct CA for the LDAP service

 gnome_ldap_utils.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
---
diff --git a/gnome_ldap_utils.py b/gnome_ldap_utils.py
index 66ee5ca..6d6e71e 100755
--- a/gnome_ldap_utils.py
+++ b/gnome_ldap_utils.py
@@ -2,7 +2,7 @@
 
 class Gnome_ldap_utils:
 
-    def __init__(self, LDAP_GROUP_BASE, LDAP_HOST, LDAP_USER_BASE, LDAP_USER, LDAP_PASSWORD):
+    def __init__(self, LDAP_GROUP_BASE, LDAP_HOST, LDAP_USER_BASE, LDAP_USER, LDAP_PASSWORD, LDAP_CA_PATH):
         import ldap
         import sys
 
@@ -11,8 +11,11 @@ class Gnome_ldap_utils:
         self.LDAP_USER = LDAP_USER
         self.LDAP_PASSWORD = LDAP_PASSWORD
         self.LDAP_HOST = LDAP_HOST
+        self.LDAP_CA_PATH = LDAP_CA_PATH
 
         try:
+            ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, self.LDAP_CA_PATH)
+
             self.conn = ldap.initialize("ldaps://%s:636" % self.LDAP_HOST)
             self.conn.simple_bind_s(self.LDAP_USER, self.LDAP_PASSWORD)
         except ldap.LDAPError, e:

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]