-
Notifications
You must be signed in to change notification settings - Fork 130
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dogtag uses deprecated/removed python-ldap constants #4081
Comments
tiran
added a commit
to tiran/pki
that referenced
this issue
Jul 29, 2022
- `OPT_X_TLS` is deprecated since python-ldap 3.3.0 and was removed in 3.4.2. - `OPT_X_TLS_DEMAND` is not a valid option key. `ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_DEMAND)` is sufficient to enforce cert validation. Closes: dogtagpki#4081
Alexander has created downstream RHBZ https://bugzilla.redhat.com/show_bug.cgi?id=2112243 for the issue. It blocks Fedora Rawhide update of python-ldap. |
ckelleyRH
pushed a commit
that referenced
this issue
Nov 21, 2022
- `OPT_X_TLS` is deprecated since python-ldap 3.3.0 and was removed in 3.4.2. - `OPT_X_TLS_DEMAND` is not a valid option key. `ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_DEMAND)` is sufficient to enforce cert validation. Closes: #4081
ckelleyRH
pushed a commit
that referenced
this issue
Nov 21, 2022
- `OPT_X_TLS` is deprecated since python-ldap 3.3.0 and was removed in 3.4.2. - `OPT_X_TLS_DEMAND` is not a valid option key. `ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_DEMAND)` is sufficient to enforce cert validation. Closes: #4081
ckelleyRH
pushed a commit
that referenced
this issue
Nov 21, 2022
- `OPT_X_TLS` is deprecated since python-ldap 3.3.0 and was removed in 3.4.2. - `OPT_X_TLS_DEMAND` is not a valid option key. `ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_DEMAND)` is sufficient to enforce cert validation. Closes: #4081
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Dogtag uses deprecated python-ldap constants, which have been removed in latest python-ldap 3.4.2.
pki/base/server/python/pki/server/deployment/__init__.py
Lines 184 to 200 in 009de42
OPT_X_TLS
is deprecated in OpenLDAP and was removed in python-ldap 3.4.2.OPT_X_TLS_DEMAND
is not a valid option key. It is an option value.I propose to remove both calls.
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_DEMAND)
is sufficient to enforce cert validation.The text was updated successfully, but these errors were encountered: