From 3887b5012b1375cd7e50f1ac757a3b49c3c9ceb3 Mon Sep 17 00:00:00 2001
From: Graham Williamson <graham@williamsonsinc.id.au>
Date: Wed, 27 Feb 2019 21:50:32 +1100
Subject: [PATCH 1/2] Enforces TLS hand shake before passing creds

---
 devpi_ldap/main.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/devpi_ldap/main.py b/devpi_ldap/main.py
index 825e174..f65b9c0 100644
--- a/devpi_ldap/main.py
+++ b/devpi_ldap/main.py
@@ -118,8 +118,17 @@ def server(self):
         return self.ldap3.Server(self['url'], tls=tls)
 
     def connection(self, server, userdn=None, password=None):
+        auto_bind_setting = ldap3.AUTO_BIND_NONE
+        tls_cfg = self.get('tls', None)
+        use_ssl_setting = False
+
+        if tls_cfg:
+            auto_bind_setting = ldap3.AUTO_BIND_TLS_BEFORE_BIND
+        if "ldaps://" in self['url'][:8]:
+            use_ssl_setting = True
+
         conn = self.ldap3.Connection(
-            server,
+            server, use_ssl=use_ssl_setting, autobind=auto_bind_setting,
             auto_referrals=self.get('referrals', True),
             read_only=True, user=userdn, password=password)
         return conn

From 9b5be689b091f0cc73ffb456ae485b52ba21d2a5 Mon Sep 17 00:00:00 2001
From: Graham Williamson <graham@williamsonsinc.id.au>
Date: Wed, 20 Mar 2019 14:36:32 +1100
Subject: [PATCH 2/2] Adds python3.7 to test

---
 .travis.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.travis.yml b/.travis.yml
index bc8aade..1f6e94d 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,10 +1,12 @@
+dist: xenial
 language: python
-sudo: false
+sudo: true
 python:
   - 2.7
   - 3.4
   - 3.5
   - 3.6
+  - 3.7
 install:
   - pip install tox-travis
 script: