net/ldaptool
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

enable tls unless kerberos is used (SASL GSS-API doesn't seem to work over TLS)

Browse Source
This commit is contained in:
Stefan Bühler 2023-04-28 17:20:46 +02:00
parent 46f54cb918
commit a08154cff8
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/ldaptool/search/_search.py
View File

@ -21,7 +21,7 @@ def search(*, config: Config, arguments: Arguments) -> typing.Iterable[Result]:
if not arguments.base: if not arguments.base:
arguments.base = realm.default_base(gc=arguments.gc) arguments.base = realm.default_base(gc=arguments.gc)
ldap_con = ldap.initialize(realm.ldap_uri(gc=arguments.gc, tls=False, server=arguments.server)) ldap_con = ldap.initialize(realm.ldap_uri(gc=arguments.gc, tls=not arguments.krb, server=arguments.server))
ldap_con.set_option(ldap.OPT_REFERRALS, 0) ldap_con.set_option(ldap.OPT_REFERRALS, 0)
if arguments.krb: if arguments.krb:
ldap_con.sasl_gssapi_bind_s() ldap_con.sasl_gssapi_bind_s()