From 0db697f25cc0b2416cde5ed02bb74fa40904d87e Mon Sep 17 00:00:00 2001
From: Thomas Backlund <tmb@mageia.org>
Date: Sun, 4 Mar 2018 00:44:37 +0200
Subject: sympa: update for infra_6 ldap connections

---
 modules/sympa/templates/auth.conf                    | 4 +++-
 modules/sympa/templates/data_sources/ldap_group.incl | 3 ++-
 modules/sympa/templates/search_filters/group.ldap    | 4 +++-
 3 files changed, 8 insertions(+), 3 deletions(-)

(limited to 'modules')

diff --git a/modules/sympa/templates/auth.conf b/modules/sympa/templates/auth.conf
index 203dfe7c..854fdf9c 100644
--- a/modules/sympa/templates/auth.conf
+++ b/modules/sympa/templates/auth.conf
@@ -6,7 +6,9 @@ ldap
         get_dn_by_email_filter          (|(mail=[sender])(mailalternateaddress=[sender]))
         email_attribute                 mail
         scope                           sub
-        use_ssl                         1
+        use_tls                         ldaps
+        ssl_version                     tlsv1_2
+        ca_verify                       none
         bind_dn                         cn=sympa-<%= hostname %>,ou=System Accounts,<%= dc_suffix %>
         bind_password                   <%= scope.lookupvar("sympa::server::ldap_password") %>
         authentication_info_url         <%= authentication_info_url %>
diff --git a/modules/sympa/templates/data_sources/ldap_group.incl b/modules/sympa/templates/data_sources/ldap_group.incl
index f6283d2f..609a7e42 100644
--- a/modules/sympa/templates/data_sources/ldap_group.incl
+++ b/modules/sympa/templates/data_sources/ldap_group.incl
@@ -1,7 +1,8 @@
 include_ldap_2level_query
         host     ldap.<%= domain %>
-        use_ssl  yes
+        use_tls  ldaps
         ssl_version tlsv1_2
+        ca_verify none
         user     cn=sympa-<%= hostname %>,ou=System Accounts,<%= dc_suffix %>
         passwd   <%= scope.lookupvar("sympa::server::ldap_password") %>
         suffix1  ou=Group,<%= dc_suffix %>
diff --git a/modules/sympa/templates/search_filters/group.ldap b/modules/sympa/templates/search_filters/group.ldap
index b4dc7117..884e0db1 100644
--- a/modules/sympa/templates/search_filters/group.ldap
+++ b/modules/sympa/templates/search_filters/group.ldap
@@ -1,7 +1,9 @@
 host        ldap.<%= domain %>:636
 bind_dn     cn=sympa-<%= hostname %>,ou=System Accounts,<%= dc_suffix %>
 bind_password <%= scope.lookupvar("sympa::server::ldap_password") %>
-use_ssl  yes
+use_tls     ldaps
+ssl_version tlsv1_2
+ca_verify   none
 suffix      ou=People,<%= dc_suffix %>
 filter      (&(mail=[sender])(memberOf=cn=<%= name %>,ou=Group,<%= dc_suffix %>))
 scope       sub
-- 
cgit v1.2.1