mirror of
https://github.com/ViViDboarder/bitwarden_rs_ldap.git
synced 2024-12-22 09:07:34 +00:00
Merge branch 'starttls' into master
This commit is contained in:
commit
d5dd5903b1
@ -22,7 +22,8 @@ Configuration values are as follows:
|
||||
|`bitwarden_root_cert_file`|String|Optional|Path to an additional der-encoded root certificate to trust. Eg. `root.cert`. If using Docker see `docker-compose.yml` for how to expose it. Defaults to `empty`|
|
||||
|`ldap_host`|String||The hostname or IP address for your ldap server|
|
||||
|`ldap_scheme`|String|Optional|The that should be used to connect. `ldap` or `ldaps`. This is set by default based on SSL settings|
|
||||
|`ldap_ssl`|Boolean|Optional|Indicates if SSL should be used. Defaults to `false`|
|
||||
|`ldap_ssl`|Boolean|Optional|Indicates if SSL should be used and if we should connect with `ldaps`. Defaults to `false`|
|
||||
|`ldap_starttls`|Boolean|Optional|Indicates if the connection should be done using StartTLS|
|
||||
|`ldap_no_tls_verify`|Boolean|Optional|Indicates if certificate should be verified when using SSL. Defaults to `true`|
|
||||
|`ldap_port`|Integer|Optional|Port used to connect to the LDAP server. This will default to 389 or 636, depending on your SSL settings|
|
||||
|`ldap_bind_dn`|String||The dn for the bind user that will connect to LDAP. Eg. `cn=admin,dc=example,dc=org`|
|
||||
|
@ -43,6 +43,7 @@ pub struct Config {
|
||||
ldap_host: String,
|
||||
ldap_scheme: Option<String>,
|
||||
ldap_ssl: Option<bool>,
|
||||
ldap_starttls: Option<bool>,
|
||||
ldap_port: Option<u16>,
|
||||
ldap_no_tls_verify: Option<bool>,
|
||||
// LDAP auth config
|
||||
@ -110,6 +111,10 @@ impl Config {
|
||||
self.ldap_ssl.unwrap_or(false)
|
||||
}
|
||||
|
||||
pub fn get_ldap_starttls(&self) -> bool {
|
||||
self.ldap_starttls.unwrap_or(false)
|
||||
}
|
||||
|
||||
pub fn get_ldap_no_tls_verify(&self) -> bool {
|
||||
self.ldap_no_tls_verify.unwrap_or(false)
|
||||
}
|
||||
|
@ -66,8 +66,11 @@ fn ldap_client(
|
||||
bind_dn: String,
|
||||
bind_pw: String,
|
||||
no_tls_verify: bool,
|
||||
starttls: bool,
|
||||
) -> Result<LdapConn, Box<dyn Error>> {
|
||||
let settings = LdapConnSettings::new().set_no_tls_verify(no_tls_verify);
|
||||
let settings = LdapConnSettings::new()
|
||||
.set_starttls(starttls)
|
||||
.set_no_tls_verify(no_tls_verify);
|
||||
let ldap = LdapConn::with_settings(settings, ldap_url.as_str())?;
|
||||
match ldap.simple_bind(bind_dn.as_str(), bind_pw.as_str()) {
|
||||
_ => {}
|
||||
@ -83,6 +86,7 @@ fn search_entries(config: &config::Config) -> Result<Vec<SearchEntry>, Box<dyn E
|
||||
config.get_ldap_bind_dn(),
|
||||
config.get_ldap_bind_password(),
|
||||
config.get_ldap_no_tls_verify(),
|
||||
config.get_ldap_starttls(),
|
||||
);
|
||||
|
||||
if ldap.is_err() {
|
||||
|
Loading…
Reference in New Issue
Block a user