api-types: factor out LdapMode -> ConnectionMode conversion into own fn

This will be needed by the AD authenticator as well, so avoid duplicate code. No functional changes. Signed-off-by: Christoph Heiss <c.heiss@proxmox.com> Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-01-12 17:15:59 +01:00 · 2024-01-12 17:15:59 +01:00 · 30c34f0b50
commit 30c34f0b50
parent 6aff2de5d9
1 changed files with 9 additions and 7 deletions
--- a/src/auth.rs
+++ b/src/auth.rs
@ -185,12 +185,6 @@ impl LdapAuthenticator {
            servers.push(server.clone());
        }

-        let tls_mode = match config.mode.unwrap_or_default() {
-            LdapMode::Ldap => ConnectionMode::Ldap,
-            LdapMode::StartTls => ConnectionMode::StartTls,
-            LdapMode::Ldaps => ConnectionMode::Ldaps,
-        };
-
        let (ca_store, trusted_cert) = if let Some(capath) = config.capath.as_deref() {
            let path = PathBuf::from(capath);
            if path.is_dir() {
@ -209,7 +203,7 @@ impl LdapAuthenticator {
            base_dn: config.base_dn.clone(),
            bind_dn: config.bind_dn.clone(),
            bind_password: password,
-            tls_mode,
+            tls_mode: ldap_to_conn_mode(config.mode.unwrap_or_default()),
            verify_certificate: config.verify.unwrap_or_default(),
            additional_trusted_certificates: trusted_cert,
            certificate_store_path: ca_store,
@ -217,6 +211,14 @@ impl LdapAuthenticator {
    }
 }

+fn ldap_to_conn_mode(mode: LdapMode) -> ConnectionMode {
+    match mode {
+        LdapMode::Ldap => ConnectionMode::Ldap,
+        LdapMode::StartTls => ConnectionMode::StartTls,
+        LdapMode::Ldaps => ConnectionMode::Ldaps,
+    }
+}
+
 /// Lookup the authenticator for the specified realm
 pub(crate) fn lookup_authenticator(
    realm: &RealmRef,