Add warning about certificate verification on load

2017-06-09 11:43:07 -07:00 · 2017-06-09 11:43:07 -07:00 · 71c36c5bb4
parent 72d8b1e40a
commit 71c36c5bb4
1 changed files with 10 additions and 1 deletions
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@ -153,7 +153,16 @@ if Settings.ldap['enabled'] || Rails.env.test?

    # Certificates are not verified for backwards compatibility.
    # This default should be flipped to true in 9.5.
-    server['verify_certificates'] = false if server['verify_certificates'].nil?
+    if server['verify_certificates'].nil?
+      server['verify_certificates'] = false
+
+      message = <<-MSG.strip_heredoc
+        LDAP SSL certificate verification is disabled for backwards-compatibility.
+        Please add the "verify_certificates" option to gitlab.yml for each LDAP
+        server. Certificate verification will be enabled by default in GitLab 9.5.
+      MSG
+      Rails.logger.warn(message)
+    end
  end
 end