]> git.decadent.org.uk Git - dak.git/commit
projects / dak.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1b6b5ca) | patch
Re-enable TLS for LDAP
authorAnsgar Burchardt <ansgar@debian.org>
Mon, 18 May 2015 18:48:40 +0000 (20:48 +0200)
committerAnsgar Burchardt <ansgar@debian.org>
Mon, 18 May 2015 18:50:13 +0000 (20:50 +0200)
commit81ab2a927229365202670424f6b9bf55836da528
tree97e0c3e2da88c64293ffdb9935f275f2404eeedftree | snapshot
parent1b6b5cae83a56194087eff375bbe37022bd32094commit | diff
Re-enable TLS for LDAP

CACERTFILE now must point to a CA, using service certificates directly
doesn't work.

Also use per-connection settings for TLS. Note that the order of
set_option calls matters (setting ldap.OPT_X_TLS_NEWCTX first
fails)...
config/debian-security/dak.conf diff | blob | history
config/debian/dak.conf diff | blob | history
daklib/dbconn.py diff | blob | history
dak changes to support and test code signing