main: Allow serving TLS connections
This commit is contained in:
Michael Aldridge
parent
6d4b4de38a
commit
1c55b7d328
|
|
@ -41,6 +41,16 @@ func (s *server) Serve(bind string) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ServeTLS serves a TLS encrypted DSA on the provided bindstring
|
||||||
|
// using a key/cert pair located at the paths provided. Key and
|
||||||
|
// certificate should be PEM encoded.
|
||||||
|
func (s *server) ServeTLS(bind, keypath, certpath string) error {
|
||||||
|
chErr := make(chan error)
|
||||||
|
go s.ListenAndServeTLS(bind, certpath, keypath, chErr)
|
||||||
|
if err := <-chErr; err != nil {
|
||||||
|
s.l.Error("Error from main server thread", "error", err)
|
||||||
|
return err
|
||||||
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,9 @@
|
||||||
package ldap
|
package ldap
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
|
||||||
"context"
|
"context"
|
||||||
"errors"
|
"errors"
|
||||||
|
"fmt"
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
|
|
|
||||||
25
main.go
25
main.go
|
|
@ -4,6 +4,7 @@ import (
|
||||||
"log"
|
"log"
|
||||||
"os"
|
"os"
|
||||||
"os/signal"
|
"os/signal"
|
||||||
|
"strings"
|
||||||
"syscall"
|
"syscall"
|
||||||
|
|
||||||
"github.com/hashicorp/go-hclog"
|
"github.com/hashicorp/go-hclog"
|
||||||
|
|
@ -56,7 +57,29 @@ func main() {
|
||||||
|
|
||||||
ls.SetDomain(viper.GetString("ldap.domain"))
|
ls.SetDomain(viper.GetString("ldap.domain"))
|
||||||
|
|
||||||
if err := ls.Serve(viper.GetString("ldap.bind")); err != nil {
|
if !viper.GetBool("ldap.tls") {
|
||||||
|
if !strings.HasPrefix(viper.GetString("ldap.bind"), "localhost") {
|
||||||
|
appLogger.Warn("===================================================================")
|
||||||
|
appLogger.Warn(" WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING ")
|
||||||
|
appLogger.Warn("===================================================================")
|
||||||
|
appLogger.Warn("")
|
||||||
|
appLogger.Warn("You are launching this server in plaintext mode! This is allowable")
|
||||||
|
appLogger.Warn("advisable when bound to localhost, and the bind configuration has")
|
||||||
|
appLogger.Warn("been detected as not being bound to localhost.")
|
||||||
|
appLogger.Warn("")
|
||||||
|
appLogger.Warn("===================================================================")
|
||||||
|
appLogger.Warn(" WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING ")
|
||||||
|
appLogger.Warn("===================================================================")
|
||||||
|
}
|
||||||
|
err = ls.Serve(viper.GetString("ldap.bind"))
|
||||||
|
} else {
|
||||||
|
err = ls.ServeTLS(
|
||||||
|
viper.GetString("ldap.bind"),
|
||||||
|
viper.GetString("ldap.key"),
|
||||||
|
viper.GetString("ldap.cert"),
|
||||||
|
)
|
||||||
|
}
|
||||||
|
if err != nil {
|
||||||
appLogger.Error("Error serving", "error", err)
|
appLogger.Error("Error serving", "error", err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue