Revert "drop overrids - LDAP has it on its own"

author Stephen Gran <steve@lobefin.net>

Sun, 2 Mar 2014 08:24:15 +0000 (08:24 +0000)

committer Stephen Gran <steve@lobefin.net>

Sun, 2 Mar 2014 08:24:15 +0000 (08:24 +0000)
author Stephen Gran <steve@lobefin.net>
Sun, 2 Mar 2014 08:24:15 +0000 (08:24 +0000)
committer Stephen Gran <steve@lobefin.net>
Sun, 2 Mar 2014 08:24:15 +0000 (08:24 +0000)
diff --git a/Util.pm b/Util.pm

index 14fab61..27060d7 100644 (file)
--- a/Util.pm
+++ b/Util.pm
@@ -357,7 +357,10 @@ sub ReadConfigFile {
  
  sub UpgradeConnection($) {
    my ($ldap) = @_;
-  my $mesg = $ldap->start_tls();
+  my $mesg = $ldap->start_tls(
+                          verify => 'require',
+                          cafile => '/etc/ssl/certs/spi-cacert-2008.pem'
+                          );
    $mesg->sync;
    if ($mesg->code != LDAP_SUCCESS) {
      print "Content-type: text/html; charset=utf-8\n\n";
author	Stephen Gran <steve@lobefin.net>
	Sun, 2 Mar 2014 08:24:15 +0000 (08:24 +0000)
committer	Stephen Gran <steve@lobefin.net>
	Sun, 2 Mar 2014 08:24:15 +0000 (08:24 +0000)