Revision 8501
Added by Jing Tao almost 11 years ago
| src/perl/ldapweb.cgi | ||
|---|---|---|
| 883 | 883 |
$ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl); |
| 884 | 884 |
|
| 885 | 885 |
if ($ldap) {
|
| 886 |
$ldap->start_tls( verify => 'require', |
|
| 887 |
cafile => $ldapServerCACertFile); |
|
| 886 |
$ldap->start_tls( verify => 'none'); |
|
| 887 |
#$ldap->start_tls( verify => 'require', |
|
| 888 |
# cafile => $ldapServerCACertFile); |
|
| 888 | 889 |
my $bindresult = $ldap->bind; |
| 889 | 890 |
if ($bindresult->code) {
|
| 890 | 891 |
return $entry; |
| ... | ... | |
| 993 | 994 |
debug("findExistingAccounts: connecting to $ldapurl, $timeout");
|
| 994 | 995 |
$ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl); |
| 995 | 996 |
if ($ldap) {
|
| 996 |
#$ldap->start_tls( verify => 'none');
|
|
| 997 |
$ldap->start_tls( verify => 'require', |
|
| 998 |
cafile => $ldapServerCACertFile); |
|
| 997 |
$ldap->start_tls( verify => 'none'); |
|
| 998 |
#$ldap->start_tls( verify => 'require',
|
|
| 999 |
# cafile => $ldapServerCACertFile);
|
|
| 999 | 1000 |
$ldap->bind( version => 3, anonymous => 1); |
| 1000 | 1001 |
$mesg = $ldap->search ( |
| 1001 | 1002 |
base => $base, |
Also available in: Unified diff
Use the verity=>none for start_tls method on some search methods.
These methods will search the referral servers, some of which is using self-signed certificate. There is a difficuty to verify it.
The search methods don't have any critical data, so the down-grade doesn't have too much impact.