ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-08-11 00:24:22 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

ldap: Add client certificate support (#6668)

Browse source 
* Set up secure ldap server

* ldap: Added client cert options

Shamelessly copied from https://github.com/andrewshulgin/ldap_search

* Added tests for ldap client authentication

* Add changelog fragment

* Make sure the openssl commands work on older versions of openssl

* Apply suggestions from code review

Co-authored-by: Felix Fontein <felix@fontein.de>

* Remove aliases for new arguments

* Add required_together to ldap module declerations

---------

Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
Gnonthgol 2023-06-15 07:19:29 +02:00 committed by GitHub
commit f3ecf4c7f8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
12 changed files with 121 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

3
plugins/modules/ldap_attrs.py
View file

@ -182,7 +182,7 @@ import traceback
from ansible.module_utils.basic import AnsibleModule, missing_required_lib
from ansible.module_utils.common.text.converters import to_native, to_bytes, to_text
from ansible_collections.community.general.plugins.module_utils.ldap import LdapGeneric, gen_specs
from ansible_collections.community.general.plugins.module_utils.ldap import LdapGeneric, gen_specs, ldap_required_together
import re
@ -300,6 +300,7 @@ def main():
state=dict(type='str', default='present', choices=['absent', 'exact', 'present']),
),
supports_check_mode=True,
required_together=ldap_required_together(),
)
if not HAS_LDAP:

3
plugins/modules/ldap_entry.py
View file

@ -151,7 +151,7 @@ import traceback
from ansible.module_utils.basic import AnsibleModule, missing_required_lib
from ansible.module_utils.common.text.converters import to_native, to_bytes
from ansible_collections.community.general.plugins.module_utils.ldap import LdapGeneric, gen_specs
from ansible_collections.community.general.plugins.module_utils.ldap import LdapGeneric, gen_specs, ldap_required_together
LDAP_IMP_ERR = None
try:
@ -255,6 +255,7 @@ def main():
),
required_if=[('state', 'present', ['objectClass'])],
supports_check_mode=True,
required_together=ldap_required_together(),
)
if not HAS_LDAP:

3
plugins/modules/ldap_passwd.py
View file

@ -72,7 +72,7 @@ modlist:
import traceback
from ansible.module_utils.basic import AnsibleModule, missing_required_lib
from ansible_collections.community.general.plugins.module_utils.ldap import LdapGeneric, gen_specs
from ansible_collections.community.general.plugins.module_utils.ldap import LdapGeneric, gen_specs, ldap_required_together
LDAP_IMP_ERR = None
try:
@ -133,6 +133,7 @@ def main():
module = AnsibleModule(
argument_spec=gen_specs(passwd=dict(no_log=True)),
supports_check_mode=True,
required_together=ldap_required_together(),
)
if not HAS_LDAP:

3
plugins/modules/ldap_search.py
View file

@ -113,7 +113,7 @@ import traceback
from ansible.module_utils.basic import AnsibleModule, missing_required_lib
from ansible.module_utils.common.text.converters import to_bytes, to_native, to_text
from ansible.module_utils.six import string_types, text_type
from ansible_collections.community.general.plugins.module_utils.ldap import LdapGeneric, gen_specs
from ansible_collections.community.general.plugins.module_utils.ldap import LdapGeneric, gen_specs, ldap_required_together
LDAP_IMP_ERR = None
try:
@ -136,6 +136,7 @@ def main():
base64_attributes=dict(type='list', elements='str'),
),
supports_check_mode=True,
required_together=ldap_required_together(),
)
if not HAS_LDAP: