connector/ldap: Always set tls.Config.ServerName, to support LDAP servers with public CA certs.
This commit is contained in:
parent
a2b78c28fc
commit
384ac87deb
@ -212,7 +212,7 @@ func (c *Config) OpenConnector() (interface {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
tlsConfig := new(tls.Config)
|
tlsConfig := &tls.Config{ServerName: host}
|
||||||
if c.RootCA != "" || len(c.RootCAData) != 0 {
|
if c.RootCA != "" || len(c.RootCAData) != 0 {
|
||||||
data := c.RootCAData
|
data := c.RootCAData
|
||||||
if len(data) == 0 {
|
if len(data) == 0 {
|
||||||
@ -226,9 +226,6 @@ func (c *Config) OpenConnector() (interface {
|
|||||||
return nil, fmt.Errorf("ldap: no certs found in ca file")
|
return nil, fmt.Errorf("ldap: no certs found in ca file")
|
||||||
}
|
}
|
||||||
tlsConfig.RootCAs = rootCAs
|
tlsConfig.RootCAs = rootCAs
|
||||||
// NOTE(ericchiang): This was required for our internal LDAP server
|
|
||||||
// but might be because of an issue with our root CA.
|
|
||||||
tlsConfig.ServerName = host
|
|
||||||
}
|
}
|
||||||
userSearchScope, ok := parseScope(c.UserSearch.Scope)
|
userSearchScope, ok := parseScope(c.UserSearch.Scope)
|
||||||
if !ok {
|
if !ok {
|
||||||
|
Reference in New Issue
Block a user