[pbs-devel] [PATCH proxmox-ldap 0/6] introduce proxmox-ldap crate

Lukas Wagner l.wagner at proxmox.com
Tue Jan 17 15:20:31 CET 2023


This patch series adds the new `proxmox-ldap` crate. The crate is mostly based on
`src/server/ldap.rs` from [1].

The main reason for breaking this out into a separate crate/repo is to make it easily
reusable from PVE/PMG via perlmod -- at some point in the future, all
products could use the same LDAP implemenation.

This is sent as a separete patch series, as the original [1] was already
quite large with 17 commits, affecting multiple repositories.

Changes from [1]@v1:
  * Change how custom TLS-certificates work:
    Pass certificate paths instead of strings containing the
    certificate.
    Now, users of this crate can pass additional root certs that
    are to be trusted. Alternatively, and this was added with PVE
    compatibility in mind, one can add whole certificate store
    directories, replacing the system's default at `/etc/ssl/certs`.

  * Add integration tests, testing the implementation against a real
    LDAP server (`glauth`). The test can be executed via the
    `run_integratin_tests.sh` helper and require the `glauth` binary to
    be available. The integration tests are #[ignored] by default, so they
    don't interfere with regular unit-test execution.


[1] https://lists.proxmox.com/pipermail/pbs-devel/2023-January/005788.html

Lukas Wagner (6):
  initial commit
  add basic user auth functionality
  add helpers for constructing LDAP filters
  allow searching for LDAP entities
  tests: add LDAP integration tests
  add debian packaging

-- 
2.30.2






More information about the pbs-devel mailing list