do not use start tls on ldaps connection, as this produce a traceback

author: Michael Scherer <misc@mageia.org> 2012-01-28 11:12:17 +0000
committer: Michael Scherer <misc@mageia.org> 2012-01-28 11:12:17 +0000
commit: 1ac1aa92b942acfe999171f7cc7ad648590c0479 (patch)
tree: f8d8c69987e1797e23da02bdbfe3ac1f63917351 /modules/openssh/templates
parent: 218d13f6adbeba1b2e837d6cbfa09154eeba2638 (diff)
download: puppet-1ac1aa92b942acfe999171f7cc7ad648590c0479.tar
puppet-1ac1aa92b942acfe999171f7cc7ad648590c0479.tar.gz
puppet-1ac1aa92b942acfe999171f7cc7ad648590c0479.tar.bz2
puppet-1ac1aa92b942acfe999171f7cc7ad648590c0479.tar.xz
puppet-1ac1aa92b942acfe999171f7cc7ad648590c0479.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/modules/openssh/templates/ldap-sshkey2file.py b/modules/openssh/templates/ldap-sshkey2file.py
index a36775f1..eb8456ab 100755
--- a/modules/openssh/templates/ldap-sshkey2file.py
+++ b/modules/openssh/templates/ldap-sshkey2file.py
@@ -71,7 +71,8 @@ bindpw = get_pw(pwfile)
 try:
     ld = ldap.initialize(uri)
     ld.set_option(ldap.OPT_NETWORK_TIMEOUT, timeout)
-    ld.start_tls_s()
+    if uri.startswith("ldap:/"):
+        ld.start_tls_s()
     ld.bind_s(binddn, bindpw)
     res = ld.search_s(peopledn, ldap.SCOPE_ONELEVEL, filter, ['uid','sshPublicKey','uidNumber','gidNumber'])
     try:
author	Michael Scherer <misc@mageia.org>	2012-01-28 11:12:17 +0000
committer	Michael Scherer <misc@mageia.org>	2012-01-28 11:12:17 +0000
commit	1ac1aa92b942acfe999171f7cc7ad648590c0479 (patch)
tree	f8d8c69987e1797e23da02bdbfe3ac1f63917351 /modules/openssh/templates
parent	218d13f6adbeba1b2e837d6cbfa09154eeba2638 (diff)
download	puppet-1ac1aa92b942acfe999171f7cc7ad648590c0479.tar puppet-1ac1aa92b942acfe999171f7cc7ad648590c0479.tar.gz puppet-1ac1aa92b942acfe999171f7cc7ad648590c0479.tar.bz2 puppet-1ac1aa92b942acfe999171f7cc7ad648590c0479.tar.xz puppet-1ac1aa92b942acfe999171f7cc7ad648590c0479.zip