Summary

libldap-common missing in beanbag/reviewboard:6.0 and above

Review Request #13614 — Created March 5, 2024 and submitted March 9, 2024, 2:37 a.m.

Information

Owner

fmiedniak-abb

Repository

Review Board

Branch

release-6.x

Bugs

5023

Depends On

Reviewers

Groups

reviewboard

People

Description

libldap-common is missing in beanbag/reviewboard:6.0 and above. This has a nasty consequence: Verification of LDAPS servers with non-public certificates is not possible anymore! Instead, RB will just report the very unspecific error:

Error authenticating with LDAP: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': [], 'info': '(unknown error code)'}
Solution proposal:

Add apt-get install libldap-common to Dockerfile, so the package gets installed explicitly and LDAP client uses system-wide certificate store again.

Testing Done


Built a docker image derived from beanbag/reviewboard:6.0, installed the missing package libldap-common and add appropriate non-public certificate to system-wide certificate store
Run container based on derived image
RB UI: Configure LDAP auth to a server that uses a non-public certificate
RB UI: Try to login with LDAP-based user account

-> No error message seen anymore and login succeeded.

flake8 passed.

JSHint passed.

Ship it!

Thanks for the change! Looks good, and we'll get this into the new installer as well.

chipx86 March 5, 2024, 9:16 p.m.

I'm working to deploy new images for 6.0. Should be ready within an hour.

Status: Closed (submitted)

Change Summary:

Pushed to release-6.x (5fc77fd)

Status: Re-opened

Change Summary:

Updated proposal: Move installation of package from build stage to installation stage. Please note, this is not tested yet by me.

Diff:

Revision 2 (+1 -1)

Show changes

contrib/docker/Dockerfile

Checks run (2 succeeded)

flake8 passed.

JSHint passed.

Status: Closed (submitted)

Change Summary:

Pushed to release-7.x (5fc77fd)