libldap-common missing in beanbag/reviewboard:6.0 and above

Review Request #13614 — Created March 5, 2024 and submitted

Information

Review Board
release-6.x

Reviewers

libldap-common is missing in beanbag/reviewboard:6.0 and above. This has a nasty consequence: Verification of LDAPS servers with non-public certificates is not possible anymore! Instead, RB will just report the very unspecific error:
Error authenticating with LDAP: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': [], 'info': '(unknown error code)'}

Solution proposal:
Add apt-get install libldap-common to Dockerfile, so the package gets installed explicitly and LDAP client uses system-wide certificate store again.

  1. Built a docker image derived from beanbag/reviewboard:6.0, installed the missing package libldap-common and add appropriate non-public certificate to system-wide certificate store
  2. Run container based on derived image
  3. RB UI: Configure LDAP auth to a server that uses a non-public certificate
  4. RB UI: Try to login with LDAP-based user account
    -> No error message seen anymore and login succeeded.
chipx86
  1. Thanks for the change! Looks good, and we'll get this into the new installer as well.

    1. I'm working to deploy new images for 6.0. Should be ready within an hour.

  2. 
      
FM
FM
FM
FM
Review request changed
Status:
Completed
Change Summary:
Pushed to release-7.x (5fc77fd)