From: Stefan Metzmacher Date: Mon, 21 Mar 2016 02:56:22 +0000 (+0100) Subject: CVE-2016-2113: s4:selftest: explicitly use '--option="tlsverifypeer=no_check" for... X-Git-Tag: talloc-2.1.7~408 X-Git-Url: http://git.samba.org/?p=samba.git;a=commitdiff_plain;h=e72b2c94b56b30cce5a2f47a080e70a83a551d19 CVE-2016-2113: s4:selftest: explicitly use '--option="tlsverifypeer=no_check" for some ldaps tests BUG: https://bugzilla.samba.org/show_bug.cgi?id=11752 Signed-off-by: Stefan Metzmacher Reviewed-by: Günther Deschner --- diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py index 80f5ab9b227..64347b53899 100755 --- a/source4/selftest/tests.py +++ b/source4/selftest/tests.py @@ -80,6 +80,7 @@ for env in ["ad_dc_ntvfs", "fl2008r2dc", "fl2003dc"]: plantestsuite("samba4.ldb.simple.ldap with SIMPLE-BIND %s(%s)" % (options, env), env, "%s/test_ldb_simple.sh ldap $SERVER %s" % (bbdir, options)) if have_tls_support: + options += ' --option="tlsverifypeer=no_check"' plantestsuite("samba4.ldb.simple.ldaps with SIMPLE-BIND %s(%s)" % (options, env), env, "%s/test_ldb_simple.sh ldaps $SERVER %s" % (bbdir, options)) @@ -94,7 +95,7 @@ for env in ["ad_dc_ntvfs", "fl2008r2dc", "fl2003dc"]: plantestsuite("samba4.ldb.simple.ldap with SASL-BIND %s(%s)" % (options, env), env, "%s/test_ldb_simple.sh ldap $SERVER %s" % (bbdir, options)) if have_tls_support: - options = '-U"$USERNAME%$PASSWORD"' + options = '-U"$USERNAME%$PASSWORD" --option="tlsverifypeer=no_check"' plantestsuite("samba4.ldb.simple.ldaps with SASL-BIND %s(%s)" % (options, env), env, "%s/test_ldb_simple.sh ldaps $SERVER %s" % (bbdir, options))