public inbox for pbs-devel@lists.proxmox.com
 help / color / mirror / Atom feed
From: Lukas Wagner <l.wagner@proxmox.com>
To: pbs-devel@lists.proxmox.com
Subject: [pbs-devel] [PATCH v3 proxmox 0/6] introduce proxmox-ldap crate
Date: Tue, 24 Jan 2023 11:03:31 +0100	[thread overview]
Message-ID: <20230124100337.152394-1-l.wagner@proxmox.com> (raw)

This patch series adds the new `proxmox-ldap` crate. The crate is mostly based on
`src/server/ldap.rs` from [1].

The main reason for breaking this out into a separate crate is to make it easily
reusable from PVE/PMG via perlmod -- at some point in the future, all
products could use the same LDAP implemenation.

This is sent as a separate patch series, as the original [1] was already
quite large with 17 commits, affecting multiple repositories.


Changes v2 -> v3:
  * Move the `proxmox-ldap` crate into the `proxmox` repo
  * Let FilterElement take &str instead of String
  * Implement the Display trait instead of ToString

Changes [1]@v1 -> v2:
  * Change how custom TLS-certificates work:
    Pass certificate paths instead of strings containing the
    certificate.
    Now, users of this crate can pass additional root certs that
    are to be trusted. Alternatively, and this was added with PVE
    compatibility in mind, one can add whole certificate store
    directories, replacing the system's default at `/etc/ssl/certs`.

  * Add integration tests, testing the implementation against a real
    LDAP server (`glauth`). The test can be executed via the
    `run_integratin_tests.sh` helper and require the `glauth` binary to
    be available. The integration tests are #[ignored] by default, so they
    don't interfere with regular unit-test execution.

Thanks to Wolfgang and Thomas for their review of v2.

[1] https://lists.proxmox.com/pipermail/pbs-devel/2023-January/005788.html

Lukas Wagner (6):
  ldap: create new `proxmox-ldap` crate
  ldap: add basic user auth functionality
  ldap: add helpers for constructing LDAP filters
  ldap: allow searching for LDAP entities
  ldap: tests: add LDAP integration tests
  ldap: add debian packaging

 Cargo.toml                                    |   3 +
 proxmox-ldap/Cargo.toml                       |  18 +
 proxmox-ldap/debian/changelog                 |   5 +
 proxmox-ldap/debian/control                   |  43 ++
 proxmox-ldap/debian/copyright                 |  16 +
 proxmox-ldap/debian/debcargo.toml             |   7 +
 proxmox-ldap/run_integration_tests.sh         |  31 ++
 proxmox-ldap/src/lib.rs                       | 390 ++++++++++++++++++
 .../tests/assets/generate_certificate.sh      |   4 +
 proxmox-ldap/tests/assets/glauth.cfg          |  67 +++
 proxmox-ldap/tests/assets/glauth.crt          |  29 ++
 proxmox-ldap/tests/assets/glauth.key          |  52 +++
 proxmox-ldap/tests/assets/glauth_v6.cfg       |  67 +++
 proxmox-ldap/tests/glauth.rs                  | 166 ++++++++
 14 files changed, 898 insertions(+)
 create mode 100644 proxmox-ldap/Cargo.toml
 create mode 100644 proxmox-ldap/debian/changelog
 create mode 100644 proxmox-ldap/debian/control
 create mode 100644 proxmox-ldap/debian/copyright
 create mode 100644 proxmox-ldap/debian/debcargo.toml
 create mode 100755 proxmox-ldap/run_integration_tests.sh
 create mode 100644 proxmox-ldap/src/lib.rs
 create mode 100755 proxmox-ldap/tests/assets/generate_certificate.sh
 create mode 100644 proxmox-ldap/tests/assets/glauth.cfg
 create mode 100644 proxmox-ldap/tests/assets/glauth.crt
 create mode 100644 proxmox-ldap/tests/assets/glauth.key
 create mode 100644 proxmox-ldap/tests/assets/glauth_v6.cfg
 create mode 100644 proxmox-ldap/tests/glauth.rs

-- 
2.30.2





             reply	other threads:[~2023-01-24 10:03 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-01-24 10:03 Lukas Wagner [this message]
2023-01-24 10:03 ` [pbs-devel] [PATCH v3 proxmox 1/6] ldap: create new `proxmox-ldap` crate Lukas Wagner
2023-01-24 10:03 ` [pbs-devel] [PATCH v3 proxmox 2/6] ldap: add basic user auth functionality Lukas Wagner
2023-01-24 10:03 ` [pbs-devel] [PATCH v3 proxmox 3/6] ldap: add helpers for constructing LDAP filters Lukas Wagner
2023-01-24 10:03 ` [pbs-devel] [PATCH v3 proxmox 4/6] ldap: allow searching for LDAP entities Lukas Wagner
2023-01-24 10:03 ` [pbs-devel] [PATCH v3 proxmox 5/6] ldap: tests: add LDAP integration tests Lukas Wagner
2023-01-24 10:03 ` [pbs-devel] [PATCH v3 proxmox 6/6] ldap: add debian packaging Lukas Wagner
2023-02-08 13:32 ` [pbs-devel] applied-series: [PATCH v3 proxmox 0/6] introduce proxmox-ldap crate Wolfgang Bumiller

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20230124100337.152394-1-l.wagner@proxmox.com \
    --to=l.wagner@proxmox.com \
    --cc=pbs-devel@lists.proxmox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal