openldap
| Crates.io | openldap |
| lib.rs | openldap |
| version | 1.2.2 |
| source | src |
| created_at | 2016-08-09 02:05:43.69882 |
| updated_at | 2020-01-15 01:06:27.819896 |
| description | Straightforward Rust bindings to the C openldap library. This is a fork of cldap that has been methodically fixed, extended, and made to be more compliant with openldap. It should be relatively robust and production ready at this point. Not heavily maintained, but feel free to send PRs if you see something missing. |
| homepage | https://github.com/coder543/rust-cldap |
| repository | https://github.com/coder543/rust-cldap |
| max_upload_size | |
| id | 5927 |
| size | 42,147 |
Philip Westrich (pwestrich)
documentation
README
openldap
Rust bindings for the native OpenLDAP library with a few convenient abstractions for connecting, binding, configuring, and querying your LDAP server.
usage
Using openldap is as easy as the following.
extern crate openldap;
use openldap::*;
use openldap::errors::*;
fn some_ldap_function(ldap_uri: &str, ldap_user: &str, ldap_pass: &str) -> Result<(), LDAPError> {
let ldap = RustLDAP::new(ldap_uri).unwrap();
ldap.set_option(codes::options::LDAP_OPT_PROTOCOL_VERSION,
&codes::versions::LDAP_VERSION3);
ldap.set_option(codes::options::LDAP_OPT_X_TLS_REQUIRE_CERT,
&codes::options::LDAP_OPT_X_TLS_DEMAND);
ldap.simple_bind(ldap_user, ldap_pass).unwrap();
// Returns a LDAPResponse, a.k.a. Vec<HashMap<String,Vec<String>>>.
let _ = ldap.simple_search("CN=Stephen,OU=People,DC=Earth",
codes::scopes::LDAP_SCOPE_BASE)
.unwrap();
Ok(())
}
fn main() {
let ldap_uri = "ldaps://localhost:636";
let ldap_user = "user";
let ldap_pass = "pass";
some_ldap_function(ldap_uri, ldap_user, ldap_pass).unwrap();
}
Security
You should use start_tls before calling bind to avoid sending credentials in plain text over an untrusted network. See https://linux.die.net/man/3/ldap_start_tls_s for more information
fn some_ldap_function(ldap_uri: &str, ldap_user: &str, ldap_pass: &str) -> Result<(), LDAPError> {
let ldap = RustLDAP::new(ldap_uri).unwrap();
ldap.set_option(codes::options::LDAP_OPT_PROTOCOL_VERSION,
&codes::versions::LDAP_VERSION3);
ldap.set_option(codes::options::LDAP_OPT_X_TLS_REQUIRE_CERT,
&codes::options::LDAP_OPT_X_TLS_DEMAND);
ldap.set_option(openldap::codes::options::LDAP_OPT_X_TLS_NEWCTX, &0);
ldap.start_tls(None, None);
ldap.simple_bind(ldap_user, ldap_pass).unwrap();
Ok(())
}
On failure, an openldap::errors::LDAPError will be returned that includes a detailed
message from the native OpenLDAP library.
contributing
I'm happy to accept contributions. If you have work you want to be merged back into master, send me a pull request and I will be happy to look at it. I prefer changes which don't break the API, of course, but I'm willing to consider breaking changes.