Closed noraj closed 5 months ago
That is a very unique situation, and we can't really have a package that interacts with people system configuration. I could envision a solution where we embed a custom TLS implementation that supports SSL2 but that will likely impact performance there might be side effects. Unless you are willing to step into that and offer a generous PR, I will close the issue :)
Have you an idea why other commands were working and just this one complained about TLS issues? I mean, it was always the same LDAP server.
My wild guess is that the commands you used worked just fine using LDAP, but certain LDAP queries have to be done over TLS.
I suppose the commands that worked did work because TLS wasn't required. And suddenly one command requires TLS and thus cause the program to crash due to the incompatibilities in the TLS stack.
Using
create_computer
module I get this error:TLS needed: wrap socket error: [Errno 104] Connection reset by peer
error seems to come from ldap3. Most possibly because the SSL/TLS version is too old and have been disabled in newer openssl version.nmap scripts shows me the server accept old SSL v2
It seems the solution is to provide a custom openssl configuration https://takraw-s.medium.com/fix-errors-socket-ssl-wrapping-error-errno-104-connection-reset-by-peer-9c63c551cd7.
What I don't understand, is that I was successfully able to use other modules without TLS errors. So there is maybe somethign else.