Merge pull request #689 from cjyar/master

connector/ldap: Always set tls.Config.ServerName, to support LDAP ser…
Eric Chiang 2016-11-15 13:44:43 -08:00 committed by GitHub
commit 13a1ebe053


@ -212,7 +212,7 @@ func (c *Config) OpenConnector() (interface {
} }
} }
tlsConfig := new(tls.Config) tlsConfig := &tls.Config{ServerName: host}
if c.RootCA != "" || len(c.RootCAData) != 0 { if c.RootCA != "" || len(c.RootCAData) != 0 {
data := c.RootCAData data := c.RootCAData
if len(data) == 0 { if len(data) == 0 {
@ -226,9 +226,6 @@ func (c *Config) OpenConnector() (interface {
return nil, fmt.Errorf("ldap: no certs found in ca file") return nil, fmt.Errorf("ldap: no certs found in ca file")
} }
tlsConfig.RootCAs = rootCAs tlsConfig.RootCAs = rootCAs
// NOTE(ericchiang): This was required for our internal LDAP server
// but might be because of an issue with our root CA.
tlsConfig.ServerName = host
} }
userSearchScope, ok := parseScope(c.UserSearch.Scope) userSearchScope, ok := parseScope(c.UserSearch.Scope)
if !ok { if !ok {
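Review bot: The new `tlsConfig := &tls.Config{ServerName: host}` line in the first hunk has no comment, and the second hunk deletes the only NOTE that explained why ServerName is set. Since this field is the name crypto/tls verifies the server certificate against (and sends as SNI), I would document it at the assignment, for example `// ServerName is the name the LDAP server's certificate is verified against; host must be the bare hostname, without the port.` Where `host` is derived is outside the visible lines, so it is worth confirming that the port has been stripped before it reaches this point. Otherwise verification would presumably fail for every server. OpenConnector's body starts before and continues after these hunks.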