1
0
mirror of https://github.com/dkmstr/openuds.git synced 2024-12-22 13:34:04 +03:00

Small ldaputil fix (moved newctx to last ssl instruction before connect)

This commit is contained in:
Adolfo Gómez García 2023-04-04 01:51:46 +02:00
parent 636b72a471
commit ea343659ff
No known key found for this signature in database
GPG Key ID: DD1ABF20724CDA23

View File

@ -113,11 +113,12 @@ def connection(
if not verify_ssl:
l.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER) # type: ignore
l.set_option(ldap.OPT_X_TLS_NEWCTX, 0) # type: ignore
# Disable TLS1 and TLS1.1
# 0x304 = TLS1.3, 0x303 = TLS1.2, 0x302 = TLS1.1, 0x301 = TLS1.0, but use ldap module constants
l.set_option(ldap.OPT_X_TLS_PROTOCOL_MIN, ldap.OPT_X_TLS_PROTOCOL_TLS1_2) # type: ignore
l.set_option(ldap.OPT_X_TLS_NEWCTX, 0) # type: ignore
l.simple_bind_s(who=username, cred=password)
except ldap.SERVER_DOWN as e: # type: ignore
raise LDAPError(_('Can\'t contact LDAP server') + ': {}'.format(e))