X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;f=daklib%2Fdbconn.py;h=432ddf8a0cad7c84cf08cb78d467544b4c415845;hb=03a86547e5d9b209016cc0b23f825d3baea92f8c;hp=4d1035c2d79d33934bb11facf9445ab13f49c0c1;hpb=b8a54f3492341b5fe6d754374927cb52fb03ae49;p=dak.git

diff --git a/daklib/dbconn.py b/daklib/dbconn.py
index 4d1035c2..432ddf8a 100644
--- a/daklib/dbconn.py
+++ b/daklib/dbconn.py
@@ -1232,15 +1232,9 @@ class Keyring(object):
         l = ldap.open(LDAPServer)
 
         if ca_cert_file:
-            # TODO: This should request a new context and use
-            # connection-specific options (i.e. "l.set_option(...)")
-
-            # Request a new TLS context. If there was already one, libldap
-            # would not change the TLS options (like which CAs to trust).
-            #l.set_option(ldap.OPT_X_TLS_NEWCTX, True)
-            ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_HARD)
-            #ldap.set_option(ldap.OPT_X_TLS_CACERTDIR, None)
-            ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, ca_cert_file)
+            l.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_HARD)
+            l.set_option(ldap.OPT_X_TLS_CACERTFILE, ca_cert_file)
+            l.set_option(ldap.OPT_X_TLS_NEWCTX, True)
             l.start_tls_s()
 
         l.simple_bind_s("","")
@@ -2651,6 +2645,7 @@ class DBConn(object):
             'obsolete_any_associations',
             'obsolete_any_by_all_associations',
             'obsolete_src_associations',
+            'package_list',
             'source_suite',
             'src_associations_bin',
             'src_associations_src',