connector/ldap: support the StartTLS flow for secure connections
When connecting to an LDAP server, there are three ways to connect:

1. Insecurely through port 389 (LDAP).
2. Securely through port 696 (LDAPS).
3. Insecurely through port 389, then negotiate TLS (StartTLS).

This PR adds support for the 3rd flow, letting dex connect to the standard LDAP port and then negotiate TLS through the LDAP protocol itself.

See a writeup here: http://www.openldap.org/faq/data/cache/185.html
Changed files:
- Documentation/ldap-connector.md: 10 additions, 2 deletions
- connector/ldap/gen-certs.sh: 49 additions, 0 deletions
- connector/ldap/ldap.go: 16 additions, 2 deletions
- connector/ldap/ldap_test.go: 169 additions, 24 deletions
- connector/ldap/testdata/ca.crt: 19 additions, 0 deletions
- connector/ldap/testdata/ca.key: 27 additions, 0 deletions
- connector/ldap/testdata/server.crt: 18 additions, 0 deletions
- connector/ldap/testdata/server.key: 27 additions, 0 deletions
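
The third flow from the commit message, sketched with the Go standard library only: the client sends the StartTLS extended request in plaintext, proceeds to the TLS handshake only if the server answers with success, and otherwise fails closed. This is an added example, not code from this PR or from dex; the function names are hypothetical, and it assumes messageID 1 and a reply shorter than 128 bytes.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"io"
	"net"
)

// StartTLSRequest BER-encodes the StartTLS ExtendedRequest (RFC 4511, section 4.14).
func StartTLSRequest() []byte {
	// [0] requestName holding the 22-byte StartTLS OID
	name := append([]byte{0x80, 22}, "1.3.6.1.4.1.1466.20037"...)
	op := append([]byte{0x77, byte(len(name))}, name...)  // [APPLICATION 23] ExtendedRequest
	body := append([]byte{0x02, 0x01, 0x01}, op...)       // messageID 1
	return append([]byte{0x30, byte(len(body))}, body...) // LDAPMessage SEQUENCE
}

// ReadStartTLSResult returns nil only for an ExtendedResponse to messageID 1 with resultCode 0.
func ReadStartTLSResult(r io.Reader) error {
	hdr := make([]byte, 2) // SEQUENCE tag + short-form length (assumption: reply < 128 bytes)
	if _, err := io.ReadFull(r, hdr); err != nil || hdr[0] != 0x30 || hdr[1] < 8 || hdr[1] > 127 {
		return fmt.Errorf("unreadable StartTLS response")
	}
	b := make([]byte, hdr[1])
	if _, err := io.ReadFull(r, b); err != nil {
		return err
	}
	// b[3] is [APPLICATION 24] ExtendedResponse; b[5:8] is ENUMERATED resultCode, 0 = success.
	if string(b[:4]) != "\x02\x01\x01\x78" || string(b[5:8]) != "\x0a\x01\x00" {
		return fmt.Errorf("server did not accept StartTLS: % x", b)
	}
	return nil
}

// Upgrade runs StartTLS on an open plaintext connection; on any failure it returns an
// error and no connection, so a bind can never follow a failed upgrade in cleartext.
func Upgrade(conn net.Conn, serverName string) (*tls.Conn, error) {
	if _, err := conn.Write(StartTLSRequest()); err != nil {
		return nil, err
	}
	if err := ReadStartTLSResult(conn); err != nil {
		return nil, err
	}
	tc := tls.Client(conn, &tls.Config{ServerName: serverName, MinVersion: tls.VersionTLS12})
	if err := tc.Handshake(); err != nil {
		return nil, err
	}
	return tc, nil
}

func main() { fmt.Printf("% x\n", StartTLSRequest()) }
```

The `tls.Config` sets `ServerName` and leaves certificate verification on, so the upgraded connection is checked against the system trust store; a private CA would be supplied through `RootCAs`.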