From ec0609d81cb5f2b44fce7174b72dd2c5a06dfbe6 Mon Sep 17 00:00:00 2001
From: luke
Date: Tue, 13 Jun 2006 15:57:06 +0000
Subject: A round of bug-fixing in preparation for the next release.
git-svn-id: https://reductivelabs.com/svn/puppet/trunk@1256 980ebf18-57e1-0310-9a29-db15c13687c0
---
lib/puppet/parser/interpreter.rb | 18 +++++++++++++++++-
1 file changed, 17 insertions(+), 1 deletion(-)
(limited to 'lib/puppet/parser')
diff --git a/lib/puppet/parser/interpreter.rb b/lib/puppet/parser/interpreter.rb
index 9c74934b0..eeb0e4cca 100644
--- a/lib/puppet/parser/interpreter.rb
+++ b/lib/puppet/parser/interpreter.rb
@@ -15,6 +15,14 @@ module Puppet
 Puppet.setdefaults("ldap",
 :ldapnodes => [false,
 "Whether to search for node configurations in LDAP."],
+ :ldapssl => [false,
+ "Whether SSL should be used when searching for nodes.
+ Defaults to false because SSL usually requires certificates
+ to be set up on the client side."],
+ :ldaptls => [false,
+ "Whether TLS should be used when searching for nodes.
+ Defaults to false because TLS usually requires certificates
+ to be set up on the client side."],
 :ldapserver => ["ldap",
 "The LDAP server. Only used if ``ldapnodes`` is enabled."],
 :ldapport => [389,
@@ -114,7 +122,15 @@ module Puppet
 return
 end
 begin
- @ldap = LDAP::Conn.new(Puppet[:ldapserver], Puppet[:ldapport])
+ if Puppet[:ldapssl]
+ @ldap = LDAP::SSLConn.new(Puppet[:ldapserver], Puppet[:ldapport])
+ elsif Puppet[:ldaptls]
+ @ldap = LDAP::SSLConn.new(
+ Puppet[:ldapserver], Puppet[:ldapport], true
+ )
+ else
+ @ldap = LDAP::Conn.new(Puppet[:ldapserver], Puppet[:ldapport])
+ end
 @ldap.set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3)
 @ldap.set_option(LDAP::LDAP_OPT_REFERRALS, LDAP::LDAP_OPT_ON)
 @ldap.simple_bind(Puppet[:ldapuser], Puppet[:ldappassword])
-- cgit
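Review bot: The new `:ldapssl` and `:ldaptls` descriptions in the first hunk leave out two things an operator needs to configure them safely. `:ldapport` still defaults to 389 (visible in the trailing context), which is conventionally the plain/StartTLS port rather than the LDAPS one, and the second hunk's `if`/`elsif` means `ldapssl` silently wins when both are set. I would add to the `:ldapssl` text something like `Set ldapport to the server's LDAPS port (usually 636) when this is enabled; takes precedence over ldaptls.` and say in the `:ldaptls` text that it upgrades the connection on the regular port. The `Puppet.setdefaults` call begins and ends outside the hunk, so other settings may already cover part of this.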
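Review bot: In the second hunk the `else` branch keeps the plain `LDAP::Conn`, and since both new settings default to false, the `simple_bind(Puppet[:ldapuser], Puppet[:ldappassword])` three lines later still sends the bind password unencrypted unless the operator opts in. When a bind password is configured, a log line in that branch would make the exposure visible, e.g. `Puppet.warning "Connecting to LDAP without SSL or TLS; bind credentials are sent unencrypted"`. The bare `true` passed to `LDAP::SSLConn.new` deserves a comment such as `# third argument requests StartTLS instead of SSL-on-connect`. Nothing visible here sets certificate-verification options, so whether the server certificate is actually checked presumably depends on the LDAP client library's own configuration; that is worth confirming and documenting. The enclosing method and the `rescue` for this `begin` are outside the hunk.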