Commit cd13e4ae authored by Michael Kozono's avatar Michael Kozono

Verify certificates in `omniauth-ldap`

parent 612b3864
...@@ -62,7 +62,8 @@ module Gitlab ...@@ -62,7 +62,8 @@ module Gitlab
base: base, base: base,
encryption: options['encryption'], encryption: options['encryption'],
filter: omniauth_user_filter, filter: omniauth_user_filter,
name_proc: name_proc name_proc: name_proc,
disable_verify_certificates: !options['verify_certificates']
) )
if has_auth? if has_auth?
......
...@@ -238,6 +238,36 @@ describe Gitlab::LDAP::Config, lib: true do ...@@ -238,6 +238,36 @@ describe Gitlab::LDAP::Config, lib: true do
password: 'super_secret' password: 'super_secret'
) )
end end
context 'when verify_certificates is enabled' do
it 'specifies disable_verify_certificates as false' do
stub_ldap_config(
options: {
'host' => 'ldap.example.com',
'port' => 686,
'encryption' => 'simple_tls',
'verify_certificates' => true
}
)
expect(config.omniauth_options).to include({ disable_verify_certificates: false })
end
end
context 'when verify_certificates is disabled' do
it 'specifies disable_verify_certificates as true' do
stub_ldap_config(
options: {
'host' => 'ldap.example.com',
'port' => 686,
'encryption' => 'simple_tls',
'verify_certificates' => false
}
)
expect(config.omniauth_options).to include({ disable_verify_certificates: true })
end
end
end end
describe '#has_auth?' do describe '#has_auth?' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment