Configuration - Fixed tls_skip_verify
This commit is contained in:
parent
29ab0fd8f0
commit
dad5a17d36
2 changed files with 7 additions and 4 deletions
|
@ -30,7 +30,7 @@ type (
|
||||||
tLdapConnectionConfig struct {
|
tLdapConnectionConfig struct {
|
||||||
Port uint16 `yaml:"port"`
|
Port uint16 `yaml:"port"`
|
||||||
TLS string `yaml:"tls"`
|
TLS string `yaml:"tls"`
|
||||||
TLSNoVerify bool `yaml:"tls_skip_verify"`
|
TLSNoVerify *bool `yaml:"tls_skip_verify"`
|
||||||
CaChain string `yaml:"ca_chain"`
|
CaChain string `yaml:"ca_chain"`
|
||||||
BindUser string `yaml:"bind_user"`
|
BindUser string `yaml:"bind_user"`
|
||||||
BindPassword string `yaml:"bind_password"`
|
BindPassword string `yaml:"bind_password"`
|
||||||
|
@ -168,7 +168,9 @@ func (c *tLdapServerConfig) ApplyDefaults(dft tLdapConnectionConfig) {
|
||||||
if c.TLS == "" {
|
if c.TLS == "" {
|
||||||
c.TLS = dft.TLS
|
c.TLS = dft.TLS
|
||||||
}
|
}
|
||||||
// FIXME: I have no clue how I should handle TLSNoVerify
|
if c.TLSNoVerify == nil {
|
||||||
|
c.TLSNoVerify = dft.TLSNoVerify
|
||||||
|
}
|
||||||
if c.CaChain == "" {
|
if c.CaChain == "" {
|
||||||
c.CaChain = dft.CaChain
|
c.CaChain = dft.CaChain
|
||||||
}
|
}
|
||||||
|
|
5
ldap.go
5
ldap.go
|
@ -62,8 +62,9 @@ func getLdapServerConnection(cfg tLdapConfig, server int) *tLdapConn {
|
||||||
})
|
})
|
||||||
log.Trace("Establishing LDAP connection")
|
log.Trace("Establishing LDAP connection")
|
||||||
|
|
||||||
tlsConfig := &tls.Config{
|
tlsConfig := &tls.Config{}
|
||||||
InsecureSkipVerify: scfg.TLSNoVerify,
|
if scfg.TLSNoVerify != nil {
|
||||||
|
tlsConfig.InsecureSkipVerify = *scfg.TLSNoVerify
|
||||||
}
|
}
|
||||||
if scfg.TLS != "no" && scfg.CaChain != "" {
|
if scfg.TLS != "no" && scfg.CaChain != "" {
|
||||||
log := log.WithField("cachain", scfg.CaChain)
|
log := log.WithField("cachain", scfg.CaChain)
|
||||||
|
|
Loading…
Reference in a new issue