)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":7414,"name":"David Wilde","email":"dwilde@redhat.com","username":"d34dh0r53"},"change_message_id":"f70a4db1141c1caf447b7b3b788cec4226a831d8","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":2,"id":"57360f44_ab03546e","updated":"2022-03-21 13:23:20.000000000","message":"LGTM","commit_id":"ffd07845c930ca3c4d2f3db589609b5999b85b91"},{"author":{"_account_id":9542,"name":"Pavlo Shchelokovskyy","email":"pshchelokovskyy@mirantis.com","username":"pshchelo"},"change_message_id":"dbd06dab2041bc0850cf2d1675c3c783af1ce005","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"78279be6_d06a54f0","updated":"2024-10-30 10:20:01.000000000","message":"this is breaking backward compatibility.\n\nThis seems to have worked just fine with default cabundle (if it validates the LDAP server of course), and one did not have to specify cafile or cadir in this case.\n\nNow this effectively requires that when using TLS for LDAP, either certfile or certdir MUST be configured, breaking access to LDAP when upgrading an env that did fine with default bundles.","commit_id":"f66a7d11b5ad6c6b9b155408863f5de82bb2d973"}],"keystone/identity/backends/ldap/common.py":[{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"27e81925745e13cd9eab3c34432aacbcf7fc83d8","unresolved":true,"context_lines":[{"line_number":605,"context_line":"                               \u0027not available\u0027) % ldap.TLS_AVAIL)"},{"line_number":606,"context_line":"        if not tls_cacertfile and not tls_cacertdir:"},{"line_number":607,"context_line":"            raise ValueError(_(\u0027You need to set tls_cacertfile or \u0027"},{"line_number":608,"context_line":"                               \u0027tls_cacertdir if use_tls or using_ldaps is \u0027"},{"line_number":609,"context_line":"                               \u0027true.\u0027))"},{"line_number":610,"context_line":""},{"line_number":611,"context_line":"        if tls_cacertfile:"}],"source_content_type":"text/x-python","patch_set":2,"id":"313135c0_b4aa00bf","line":608,"range":{"start_line":608,"start_character":60,"end_line":608,"end_character":71},"updated":"2022-04-22 15:27:20.000000000","message":"This isn\u0027t a configuration option, just a parameter to the private method. Emitting this in an exception is going to probably be misleading to the user since they\u0027d need to read the code to understand how this works.","commit_id":"ffd07845c930ca3c4d2f3db589609b5999b85b91"},{"author":{"_account_id":597,"name":"Pete Zaitcev","email":"zaitcev@kotori.zaitcev.us","username":"zaitcev"},"change_message_id":"dad92bae07eb2e90929ba8611bf41da528395c34","unresolved":false,"context_lines":[{"line_number":605,"context_line":"                               \u0027not available\u0027) % ldap.TLS_AVAIL)"},{"line_number":606,"context_line":"        if not tls_cacertfile and not tls_cacertdir:"},{"line_number":607,"context_line":"            raise ValueError(_(\u0027You need to set tls_cacertfile or \u0027"},{"line_number":608,"context_line":"                               \u0027tls_cacertdir if use_tls or using_ldaps is \u0027"},{"line_number":609,"context_line":"                               \u0027true.\u0027))"},{"line_number":610,"context_line":""},{"line_number":611,"context_line":"        if tls_cacertfile:"}],"source_content_type":"text/x-python","patch_set":2,"id":"5c237b08_bcc24923","line":608,"range":{"start_line":608,"start_character":60,"end_line":608,"end_character":71},"in_reply_to":"313135c0_b4aa00bf","updated":"2023-03-22 04:12:07.000000000","message":"Done\n\nYes it\u0027s been a year but I\u0027m considering this Lance\u0027s last will and it will be done.","commit_id":"ffd07845c930ca3c4d2f3db589609b5999b85b91"}]}