add starttls support,

add starttls option to config
2025-02-11 07:09:48 +00:00
parent 89c7dc7897
commit 50ff3b2cfc
4 changed files with 17 additions and 2 deletions
--- a/app/ldap.go
+++ b/app/ldap.go
@@ -1,6 +1,7 @@
 package app

 import (
+	"crypto/tls"
 	"errors"
 	"fmt"
 	"net/http"
@@ -20,6 +21,17 @@ type LDAPClient struct {
 // returns a new LDAPClient from the config
 func NewLDAPClient(config Config) (*LDAPClient, error) {
 	LDAPConn, err := ldap.DialURL(config.LdapURL)
+	if err != nil {
+		return nil, err
+	}
+
+	if config.StartTLS {
+		err = LDAPConn.StartTLS(&tls.Config{InsecureSkipVerify: true})
+		if err != nil {
+			return nil, err
+		}
+	}
+
 	return &LDAPClient{
 		client:   LDAPConn,
 		basedn:   config.BaseDN,