Drop sa-awl output from pmg-system-report

[pmg-api.git] / PMG / LDAPCache.pm

diff --git a/PMG/LDAPCache.pm b/PMG/LDAPCache.pm
index ca4aec98022304842545d3980d3687208a6bc03c..ca18ad66b2a3f7513e4831ab767d6a1e245d9c2f 100755 (executable)
--- a/PMG/LDAPCache.pm
+++ b/PMG/LDAPCache.pm
@@ -370,10 +370,24 @@ sub ldap_connect_and_bind {
      my ($self) = @_;
 
      my $ldap = $self->ldap_connect() ||
-        die "Can't bind to ldap server '$self->{id}': $! $@\n";
+        die "Can't bind to ldap server '$self->{id}': " . ($@ // "unknown error") . "\n";
 
      my $mesg;
 
+     if ($self->{mode} eq 'ldap+starttls') {
+        my $opts = {
+            verify => $self->{verify} ? 'require' : 'none',
+        };
+
+        if ($self->{cafile}) {
+            $opts->{cafile} = $self->{cafile};
+        } else {
+            $opts->{capath} = '/etc/ssl/certs/';
+        }
+
+        $ldap->start_tls(%$opts);
+     }
+
      if ($self->{binddn}) {
         $mesg = $ldap->bind($self->{binddn}, password => $self->{bindpw});
      } else {