From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id C01D4C0DD0 for ; Fri, 12 Jan 2024 17:16:54 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 8B363349C9 for ; Fri, 12 Jan 2024 17:16:54 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Fri, 12 Jan 2024 17:16:54 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id AE2454912F for ; Fri, 12 Jan 2024 17:16:53 +0100 (CET) From: Christoph Heiss To: pbs-devel@lists.proxmox.com Date: Fri, 12 Jan 2024 17:15:59 +0100 Message-ID: <20240112161614.1012311-5-c.heiss@proxmox.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20240112161614.1012311-1-c.heiss@proxmox.com> References: <20240112161614.1012311-1-c.heiss@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.003 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [auth.rs] Subject: [pbs-devel] [PATCH proxmox-backup v3 04/13] api-types: factor out `LdapMode` -> `ConnectionMode` conversion into own fn X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Jan 2024 16:16:54 -0000 This will be needed by the AD authenticator as well, so avoid duplicate code. No functional changes. Signed-off-by: Christoph Heiss --- src/auth.rs | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/src/auth.rs b/src/auth.rs index ec0bc41f..51b9e8d1 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -185,12 +185,6 @@ impl LdapAuthenticator { servers.push(server.clone()); } - let tls_mode = match config.mode.unwrap_or_default() { - LdapMode::Ldap => ConnectionMode::Ldap, - LdapMode::StartTls => ConnectionMode::StartTls, - LdapMode::Ldaps => ConnectionMode::Ldaps, - }; - let (ca_store, trusted_cert) = if let Some(capath) = config.capath.as_deref() { let path = PathBuf::from(capath); if path.is_dir() { @@ -209,7 +203,7 @@ impl LdapAuthenticator { base_dn: config.base_dn.clone(), bind_dn: config.bind_dn.clone(), bind_password: password, - tls_mode, + tls_mode: ldap_to_conn_mode(config.mode.unwrap_or_default()), verify_certificate: config.verify.unwrap_or_default(), additional_trusted_certificates: trusted_cert, certificate_store_path: ca_store, @@ -217,6 +211,14 @@ impl LdapAuthenticator { } } +fn ldap_to_conn_mode(mode: LdapMode) -> ConnectionMode { + match mode { + LdapMode::Ldap => ConnectionMode::Ldap, + LdapMode::StartTls => ConnectionMode::StartTls, + LdapMode::Ldaps => ConnectionMode::Ldaps, + } +} + /// Lookup the authenticator for the specified realm pub(crate) fn lookup_authenticator( realm: &RealmRef, -- 2.42.0