From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 72BFFC0E97 for ; Fri, 12 Jan 2024 17:17:25 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 4378334A25 for ; Fri, 12 Jan 2024 17:16:55 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Fri, 12 Jan 2024 17:16:54 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 8C5E949136 for ; Fri, 12 Jan 2024 17:16:54 +0100 (CET) From: Christoph Heiss To: pbs-devel@lists.proxmox.com Date: Fri, 12 Jan 2024 17:16:00 +0100 Message-ID: <20240112161614.1012311-6-c.heiss@proxmox.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20240112161614.1012311-1-c.heiss@proxmox.com> References: <20240112161614.1012311-1-c.heiss@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.003 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - Subject: [pbs-devel] [PATCH proxmox-backup v3 05/13] auth: factor out CA store and cert lookup into own fn X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Jan 2024 16:17:25 -0000 This will be needed by the AD authenticator as well, so avoid duplicate code. No functional changes. Signed-off-by: Christoph Heiss --- src/auth.rs | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/src/auth.rs b/src/auth.rs index 51b9e8d1..04fb3a1d 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -185,16 +185,7 @@ impl LdapAuthenticator { servers.push(server.clone()); } - let (ca_store, trusted_cert) = if let Some(capath) = config.capath.as_deref() { - let path = PathBuf::from(capath); - if path.is_dir() { - (Some(path), None) - } else { - (None, Some(vec![path])) - } - } else { - (None, None) - }; + let (ca_store, trusted_cert) = lookup_ca_store_or_cert_path(config.capath.as_deref()); Ok(Config { servers, @@ -219,6 +210,19 @@ fn ldap_to_conn_mode(mode: LdapMode) -> ConnectionMode { } } +fn lookup_ca_store_or_cert_path(capath: Option<&str>) -> (Option, Option>) { + if let Some(capath) = capath { + let path = PathBuf::from(capath); + if path.is_dir() { + (Some(path), None) + } else { + (None, Some(vec![path])) + } + } else { + (None, None) + } +} + /// Lookup the authenticator for the specified realm pub(crate) fn lookup_authenticator( realm: &RealmRef, -- 2.42.0