feat(auth): use config variable to check if we should verify tls

This commit is contained in:
kolaente 2025-01-27 15:30:20 +01:00 committed by konrad
parent 03412dd358
commit f898bdaf2d
1 changed files with 11 additions and 1 deletions

View File

@ -17,6 +17,7 @@
package ldap
import (
"crypto/tls"
"fmt"
"strings"
@ -71,7 +72,16 @@ func ConnectAndBindToLDAPDirectory() (l *ldap.Conn, err error) {
config.AuthLdapHost.GetString(),
config.AuthLdapPort.GetInt(),
)
l, err = ldap.DialURL(url)
opts := []ldap.DialOpt{}
if config.AuthLdapUseTLS.GetBool() {
// #nosec G402
opts = append(opts, ldap.DialWithTLSConfig(&tls.Config{
InsecureSkipVerify: !config.AuthLdapVerifyTLS.GetBool(),
}))
}
l, err = ldap.DialURL(url, opts...)
if err != nil {
log.Fatalf("Could not connect to LDAP server: %s", err)
}