public inbox for pbs-devel@lists.proxmox.com
 help / color / mirror / Atom feed
From: Wolfgang Bumiller <w.bumiller@proxmox.com>
To: Christoph Heiss <c.heiss@proxmox.com>
Cc: pbs-devel@lists.proxmox.com
Subject: Re: [pbs-devel] [PATCH proxmox-backup 03/12] api-types: implement `LdapMode` -> `ConnectionMode` conversion
Date: Fri, 11 Aug 2023 12:36:41 +0200	[thread overview]
Message-ID: <25eohhxnkmqyeagjnzqa7is7cuziud7sjk4at6oah2mokpt66x@4vznehpsv6nl> (raw)
In-Reply-To: <20230808122239.1025524-4-c.heiss@proxmox.com>

On Tue, Aug 08, 2023 at 02:22:05PM +0200, Christoph Heiss wrote:
> No functional changes.
> 
> Signed-off-by: Christoph Heiss <c.heiss@proxmox.com>
> ---
>  pbs-api-types/Cargo.toml  |  1 +
>  pbs-api-types/src/ldap.rs | 11 +++++++++++
>  src/auth.rs               | 12 +++---------
>  3 files changed, 15 insertions(+), 9 deletions(-)
> 
> diff --git a/pbs-api-types/Cargo.toml b/pbs-api-types/Cargo.toml
> index 31b69f62..cb584cb5 100644
> --- a/pbs-api-types/Cargo.toml
> +++ b/pbs-api-types/Cargo.toml
> @@ -17,6 +17,7 @@ serde_plain.workspace = true
>  proxmox-auth-api = { workspace = true, features = [ "api-types" ] }
>  proxmox-human-byte.workspace = true
>  proxmox-lang.workspace=true
> +proxmox-ldap.workspace = true

The api type crate should strive to be somewhat lightweight, as it will
also end up being used in with wasm at some point where we definitely
can't pull this in.

If it really makes sense to have this locally, it should be
feature-guarded.

>  proxmox-schema = { workspace = true, features = [ "api-macro" ] }
>  proxmox-serde.workspace = true
>  proxmox-time.workspace = true
> diff --git a/pbs-api-types/src/ldap.rs b/pbs-api-types/src/ldap.rs
> index f3df90a0..e1f7c452 100644
> --- a/pbs-api-types/src/ldap.rs
> +++ b/pbs-api-types/src/ldap.rs
> @@ -1,5 +1,6 @@
>  use serde::{Deserialize, Serialize};
> 
> +use proxmox_ldap::ConnectionMode;
>  use proxmox_schema::{api, ApiStringFormat, ApiType, ArraySchema, Schema, StringSchema, Updater};
> 
>  use super::{REALM_ID_SCHEMA, SINGLE_LINE_COMMENT_SCHEMA};
> @@ -20,6 +21,16 @@ pub enum LdapMode {
>      Ldaps,
>  }
> 
> +impl From<LdapMode> for ConnectionMode {
> +    fn from(value: LdapMode) -> ConnectionMode {
> +        match value {
> +            LdapMode::Ldap => ConnectionMode::Ldap,
> +            LdapMode::StartTls => ConnectionMode::StartTls,
> +            LdapMode::Ldaps => ConnectionMode::Ldaps,
> +        }
> +    }
> +}
> +
>  #[api(
>      properties: {
>          "realm": {
> diff --git a/src/auth.rs b/src/auth.rs
> index 318d1ff2..e375ebc4 100644
> --- a/src/auth.rs
> +++ b/src/auth.rs
> @@ -16,10 +16,10 @@ use proxmox_auth_api::api::{Authenticator, LockedTfaConfig};
>  use proxmox_auth_api::ticket::{Empty, Ticket};
>  use proxmox_auth_api::types::Authid;
>  use proxmox_auth_api::Keyring;
> -use proxmox_ldap::{Config, Connection, ConnectionMode};
> +use proxmox_ldap::{Config, Connection};
>  use proxmox_tfa::api::{OpenUserChallengeData, TfaConfig};
> 
> -use pbs_api_types::{LdapMode, LdapRealmConfig, OpenIdRealmConfig, RealmRef, Userid, UsernameRef};
> +use pbs_api_types::{LdapRealmConfig, OpenIdRealmConfig, RealmRef, Userid, UsernameRef};
>  use pbs_buildcfg::configdir;
> 
>  use crate::auth_helpers;
> @@ -185,12 +185,6 @@ impl LdapAuthenticator {
>              servers.push(server.clone());
>          }
> 
> -        let tls_mode = match config.mode.unwrap_or_default() {
> -            LdapMode::Ldap => ConnectionMode::Ldap,
> -            LdapMode::StartTls => ConnectionMode::StartTls,
> -            LdapMode::Ldaps => ConnectionMode::Ldaps,
> -        };
> -
>          let (ca_store, trusted_cert) = if let Some(capath) = config.capath.as_deref() {
>              let path = PathBuf::from(capath);
>              if path.is_dir() {
> @@ -209,7 +203,7 @@ impl LdapAuthenticator {
>              base_dn: config.base_dn.clone(),
>              bind_dn: config.bind_dn.clone(),
>              bind_password: password,
> -            tls_mode,
> +            tls_mode: config.mode.unwrap_or_default().into(),
>              verify_certificate: config.verify.unwrap_or_default(),
>              additional_trusted_certificates: trusted_cert,
>              certificate_store_path: ca_store,
> --
> 2.41.0




  reply	other threads:[~2023-08-11 10:36 UTC|newest]

Thread overview: 25+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-08-08 12:22 [pbs-devel] [PATCH proxmox/proxmox-backup/pwt 0/12] add Active Directory realm support Christoph Heiss
2023-08-08 12:22 ` [pbs-devel] [PATCH proxmox 01/12] ldap: add method for retrieving root DSE attributes Christoph Heiss
2023-08-11 10:29   ` Wolfgang Bumiller
2023-08-08 12:22 ` [pbs-devel] [PATCH proxmox 02/12] auth-api: implement `Display` for `Realm{, Ref}` Christoph Heiss
2023-08-11 10:32   ` Wolfgang Bumiller
2023-08-08 12:22 ` [pbs-devel] [PATCH proxmox-backup 03/12] api-types: implement `LdapMode` -> `ConnectionMode` conversion Christoph Heiss
2023-08-11 10:36   ` Wolfgang Bumiller [this message]
2023-08-14  9:40     ` Christoph Heiss
2023-08-08 12:22 ` [pbs-devel] [PATCH proxmox-backup 04/12] auth: factor out CA store and cert lookup into own function Christoph Heiss
2023-08-08 12:22 ` [pbs-devel] [PATCH proxmox-backup 05/12] api-types: implement `Display`, `FromStr` for `RealmType` Christoph Heiss
2023-08-11 10:58   ` Wolfgang Bumiller
2023-08-14  9:40     ` Christoph Heiss
2023-08-08 12:22 ` [pbs-devel] [PATCH proxmox-backup 06/12] realm sync: generic-ify `LdapSyncSettings` and `GeneralSyncSettings` Christoph Heiss
2023-08-08 12:22 ` [pbs-devel] [PATCH proxmox-backup 07/12] api: access: add routes for managing AD realms Christoph Heiss
2023-08-09 10:12   ` Lukas Wagner
2023-08-09 10:54     ` Christoph Heiss
2023-08-08 12:22 ` [pbs-devel] [PATCH proxmox-backup 08/12] config: domains: add new "ad" section type for " Christoph Heiss
2023-08-08 12:22 ` [pbs-devel] [PATCH proxmox-backup 09/12] realm sync: add sync job " Christoph Heiss
2023-08-09 10:12   ` Lukas Wagner
2023-08-08 12:22 ` [pbs-devel] [PATCH proxmox-backup 10/12] manager: add subcommand for managing " Christoph Heiss
2023-08-08 12:22 ` [pbs-devel] [PATCH proxmox-backup 11/12] docs: user-management: add section about AD realm support Christoph Heiss
2023-08-09 10:12   ` Lukas Wagner
2023-08-08 12:22 ` [pbs-devel] [PATCH proxmox-widget-toolkit 12/12] window: add Active Directory auth panel Christoph Heiss
2023-08-09 10:13   ` Lukas Wagner
2023-08-09 10:57     ` Christoph Heiss

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=25eohhxnkmqyeagjnzqa7is7cuziud7sjk4at6oah2mokpt66x@4vznehpsv6nl \
    --to=w.bumiller@proxmox.com \
    --cc=c.heiss@proxmox.com \
    --cc=pbs-devel@lists.proxmox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal