Rust bindings for the native OpenLDAP library with a few convenient abstractions for connecting, binding, configuring, and querying your LDAP server.
Using openldap is as easy as the following.
```rust extern crate openldap;
use openldap::; use openldap::errors::;
fn someldapfunction(ldapuri: &str, ldapuser: &str, ldappass: &str) -> Result<(), LDAPError> { let ldap = RustLDAP::new(ldapuri).unwrap();
ldap.set_option(codes::options::LDAP_OPT_PROTOCOL_VERSION,
&codes::versions::LDAP_VERSION3);
ldap.set_option(codes::options::LDAP_OPT_X_TLS_REQUIRE_CERT,
&codes::options::LDAP_OPT_X_TLS_DEMAND);
ldap.simple_bind(ldap_user, ldap_pass).unwrap();
// Returns a LDAPResponse, a.k.a. Vec<HashMap<String,Vec<String>>>.
let _ = ldap.simple_search("CN=Stephen,OU=People,DC=Earth",
codes::scopes::LDAP_SCOPE_BASE)
.unwrap();
Ok(())
}
fn main() { let ldapuri = "ldaps://localhost:636"; let ldapuser = "user"; let ldappass = "pass"; someldapfunction(ldapuri, ldapuser, ldappass).unwrap(); } ```
You should use start_tls before calling bind to avoid sending credentials in plain text over an untrusted network. See https://linux.die.net/man/3/ldapstarttls_s for more information
```rust fn someldapfunction(ldapuri: &str, ldapuser: &str, ldappass: &str) -> Result<(), LDAPError> { let ldap = RustLDAP::new(ldapuri).unwrap();
ldap.set_option(codes::options::LDAP_OPT_PROTOCOL_VERSION,
&codes::versions::LDAP_VERSION3);
ldap.set_option(codes::options::LDAP_OPT_X_TLS_REQUIRE_CERT,
&codes::options::LDAP_OPT_X_TLS_DEMAND);
ldap.set_option(openldap::codes::options::LDAP_OPT_X_TLS_NEWCTX, &0);
ldap.start_tls(None, None);
ldap.simple_bind(ldap_user, ldap_pass).unwrap();
Ok(())
}
``
On failure, anopenldap::errors::LDAPError` will be returned that includes a detailed
message from the native OpenLDAP library.
I'm happy to accept contributions. If you have work you want to be merged back into master, send me a pull request and I will be happy to look at it. I prefer changes which don't break the API, of course, but I'm willing to consider breaking changes.