From 7a3d365928ffe0874e6dd8f7ee8ac675a6662b03 Mon Sep 17 00:00:00 2001
From: unit <6797-unit@users.noreply.0xacab.org>
Date: Mon, 8 Feb 2021 18:21:31 +0100
Subject: [PATCH] added tls as option

---
 app.py       | 3 ++-
 settings.ini | 1 +
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/app.py b/app.py
index b4fa732..21b5251 100755
--- a/app.py
+++ b/app.py
@@ -58,7 +58,8 @@ def ldap_change_password(username, old, new):
     l = ldap.initialize(CONF['ldap']['host'])
     l.set_option(ldap.OPT_X_TLS_CACERTFILE, CONF['ldap']['tls_cacert'])
     l.set_option(ldap.OPT_X_TLS, ldap.OPT_X_TLS_DEMAND)
-    l.start_tls_s()
+    if CONF['ldap']['tls'] == "True":
+        l.start_tls_s()
     l.simple_bind_s(dn_name, old)
     l.passwd_s(dn_name, old, new)
     l.unbind_s()
diff --git a/settings.ini b/settings.ini
index 2973da2..130f9f5 100644
--- a/settings.ini
+++ b/settings.ini
@@ -4,6 +4,7 @@ page_title = Change your password on unit.macaomilano.org
 [ldap]
 host = ldap://unit.macaomilano.org:389
 base = ou=Hackers,dc=unit,dc=macaomilano,dc=org
+tls = True
 tls_cacert = /etc/ssl/cert.pem
 
 [server]