Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CodeChecker server connects to untrusted LDAPS server for authentication #3082

Closed
jimis opened this issue Dec 8, 2020 · 2 comments · Fixed by #3083
Closed

CodeChecker server connects to untrusted LDAPS server for authentication #3082

jimis opened this issue Dec 8, 2020 · 2 comments · Fixed by #3083
Labels
server 🖥️
Milestone
release 6.15.1

Comments

@jimis
Copy link
Contributor

jimis commented Dec 8, 2020

No description provided.

@csordasmarton
Copy link
Contributor

@jimis Could you please describe this problem a little bit more? For example how can we reproduce the problem?

@jimis jimis mentioned this issue Dec 8, 2020
Merged
@jimis
Copy link
Contributor Author

jimis commented Dec 8, 2020
edited
Loading

@csordasmarton to verify you just set an untrusted LDAP server to connect to via "ldaps" (EDIT: for example with a self-signed certificate for the server). Authentication will just work, while it shouldn't.

With #3083 you will get an error instead like this:

[DEBUG] - cc_ldap.py:340 auth_user() - Creating SERVICE connection...
[DEBUG] - cc_ldap.py:248 __init__() - Binding to LDAP server with user: USERNAME
[DEBUG] - cc_ldap.py:257 __init__() - Binding with credential: USERNAME
[ERROR] - cc_ldap.py:137 ldap_error_handler() - LDAP Error: {'desc': "Can't contact LDAP server", 'info': '(unknown error code)'}
[DEBUG] - cc_ldap.py:278 __init__() - Server bind failed.
[ERROR] - cc_ldap.py:346 auth_user() - Please check your LDAP server authentication credentials.
[ERROR] - cc_ldap.py:348 auth_user() - Configured username: USERNAME

@csordasmarton csordasmarton added this to the release 6.16.0 milestone Dec 9, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
server 🖥️
Projects
None yet
Milestone
release 6.15.1
Development

Successfully merging a pull request may close this issue.

[server] Verify TLS certificate in LDAPS connections jimis/codechecker
2 participants
@jimis @csordasmarton