added tls as option

master
unit 2021-02-08 18:21:31 +01:00
parent ced4a29aed
commit 7a3d365928
2 changed files with 3 additions and 1 deletions

3
app.py
View File

@ -58,7 +58,8 @@ def ldap_change_password(username, old, new):
l = ldap.initialize(CONF['ldap']['host']) l = ldap.initialize(CONF['ldap']['host'])
l.set_option(ldap.OPT_X_TLS_CACERTFILE, CONF['ldap']['tls_cacert']) l.set_option(ldap.OPT_X_TLS_CACERTFILE, CONF['ldap']['tls_cacert'])
l.set_option(ldap.OPT_X_TLS, ldap.OPT_X_TLS_DEMAND) l.set_option(ldap.OPT_X_TLS, ldap.OPT_X_TLS_DEMAND)
l.start_tls_s() if CONF['ldap']['tls'] == "True":
l.start_tls_s()
l.simple_bind_s(dn_name, old) l.simple_bind_s(dn_name, old)
l.passwd_s(dn_name, old, new) l.passwd_s(dn_name, old, new)
l.unbind_s() l.unbind_s()

View File

@ -4,6 +4,7 @@ page_title = Change your password on unit.macaomilano.org
[ldap] [ldap]
host = ldap://unit.macaomilano.org:389 host = ldap://unit.macaomilano.org:389
base = ou=Hackers,dc=unit,dc=macaomilano,dc=org base = ou=Hackers,dc=unit,dc=macaomilano,dc=org
tls = True
tls_cacert = /etc/ssl/cert.pem tls_cacert = /etc/ssl/cert.pem
[server] [server]