Allow reva to use safer TLS defaults for LDAP

Reva is moving away from the hardcoded "insecure" setting for LDAP
connections. For this to happen ocis needs some adjustments. In order
to avoid an "insecure" by default config in ocis this commit adds the
new parameters "insecure" and "cacert" to the LDAP configuration for the
auth-, user- and groups-provider. To make the out of the box experience
as smooth as possible the default setting for "cacert" points to the
certificate that is generated for glauth on startup.
Ralf Haferkamp
2021-09-13 17:46:30 +02:00
parent c8b1b42db6
commit e932120cbc
6 changed files with 35 additions and 0 deletions

@@ -114,6 +114,8 @@ func authBasicConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]in
"ldap": map[string]interface{}{
"hostname": cfg.Reva.LDAP.Hostname,
"port": cfg.Reva.LDAP.Port,
"cacert": cfg.Reva.LDAP.CACert,
"insecure": cfg.Reva.LDAP.Insecure,
"base_dn": cfg.Reva.LDAP.BaseDN,
"loginfilter": cfg.Reva.LDAP.LoginFilter,
"bind_username": cfg.Reva.LDAP.BindDN,
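Review bot: The new "cacert" and "insecure" keys in the "ldap" map of authBasicConfigFromStruct are forwarded together, and nothing here says which one takes effect when both are set. If a true cfg.Reva.LDAP.Insecure is meant to disable certificate verification regardless of cfg.Reva.LDAP.CACert, please document that on the config fields and consider logging a warning at startup when Insecure is enabled, so the setting does not go unnoticed in a production deployment. Since the commit message says the default "cacert" points at the certificate glauth generates on startup, it would also help to state what happens when that file is not present, for example when an external LDAP server is used.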