diff --git a/Cargo.lock b/Cargo.lock index 9598f3fad..93515a5bb 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -603,9 +603,9 @@ checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" [[package]] name = "bitflags" -version = "2.11.1" +version = "2.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c4512299f36f043ab09a583e57bceb5a5aab7a73db1805848e8fef3c9e8c78b3" +checksum = "84d7ced0ae9557296835c32bf1b1e02b44c746701f898460fb000d7eaa84f00a" dependencies = [ "serde_core", ] @@ -765,9 +765,9 @@ dependencies = [ [[package]] name = "cc" -version = "1.2.62" +version = "1.2.63" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a1dce859f0832a7d088c4f1119888ab94ef4b5d6795d1ce05afb7fe159d79f98" +checksum = "556e016178bb5662a08681bbe0f00f8e17631781a4dfc8c45e466e4b185ec27f" dependencies = [ "find-msvc-tools", "jobserver", @@ -1456,7 +1456,6 @@ dependencies = [ "ipnetwork", "jsonwebkey", "jsonwebtoken", - "lber", "ldap3", "matches", "md4", @@ -1921,15 +1920,15 @@ version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1e0e367e4e7da84520dedcac1901e4da967309406d1e51017ae1abfb97adbd38" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "objc2", ] [[package]] name = "displaydoc" -version = "0.2.5" +version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "97369cbbc041bc366949bc74d34658d6cda5621039731c6310521892a3a20ae0" +checksum = "1ac70aa55017e108007fbaf5aa0f54b021c98f92ff8af59d42eda9da96e3dd4f" dependencies = [ "proc-macro2", "quote", @@ -2558,7 +2557,7 @@ version = "0.20.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7b88256088d75a56f8ecfa070513a775dd9107f6530ef14919dac831af9cfe2b" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "libc", "libgit2-sys", "log", @@ -2584,7 +2583,7 @@ version = "0.9.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0bf760ebf69878d9fd8f110c89703d90ce35095324d1f1edcb595c63945ee757" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "ignore", "walkdir", ] @@ -2860,9 +2859,9 @@ checksum = "135b12329e5e3ce057a9f972339ea52bc954fe1e9358ef27f95e89716fbc5424" [[package]] name = "hyper" -version = "1.9.0" +version = "1.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6299f016b246a94207e63da54dbe807655bf9e00044f73ded42c3ac5305fbcca" +checksum = "55281c53a1894c864990125767da440a4e630446785086f52523b20033b74498" dependencies = [ "atomic-waker", "bytes", @@ -3273,7 +3272,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ba781c43eb46c3bbf5bfda541139eed9a52b78d7c3aa74d516918885ecd63c40" dependencies = [ "base64 0.22.1", - "bitflags 2.11.1", + "bitflags 2.12.1", "num-bigint", "serde", "serde_json", @@ -3341,8 +3340,7 @@ dependencies = [ [[package]] name = "lber" version = "0.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cbcf559624bfd9fe8d488329a8959766335a43a9b8b2cdd6a2c379fca02909a5" +source = "git+https://github.com/DefGuard/ldap3?rev=8b7f3d3ae6ee3ebf9c9248765d9b36c2cd114139#8b7f3d3ae6ee3ebf9c9248765d9b36c2cd114139" dependencies = [ "bytes", "nom 7.1.3", @@ -3351,8 +3349,7 @@ dependencies = [ [[package]] name = "ldap3" version = "0.12.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "01fe89f5e7cfb7e4701e3a38ff9f00358e026a9aee940355d88ee9d81e5c7503" +source = "git+https://github.com/DefGuard/ldap3?rev=8b7f3d3ae6ee3ebf9c9248765d9b36c2cd114139#8b7f3d3ae6ee3ebf9c9248765d9b36c2cd114139" dependencies = [ "async-trait", "bytes", @@ -3428,9 +3425,9 @@ dependencies = [ [[package]] name = "libgit2-sys" -version = "0.18.4+1.9.3" +version = "0.18.5+1.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9b26f66f35e1871b22efcf7191564123d2a446ca0538cde63c23adfefa9b15b7" +checksum = "005d6ae6eac1912906073e069f7db60b1fa98e052a68227824afe3e3a1c59ca2" dependencies = [ "cc", "libc", @@ -3446,14 +3443,14 @@ checksum = "b6d2cec3eae94f9f509c767b45932f1ada8350c4bdb85af2fcab4a3c14807981" [[package]] name = "libredox" -version = "0.1.16" +version = "0.1.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e02f3bb43d335493c96bf3fd3a321600bf6bd07ed34bc64118e9293bdffea46c" +checksum = "f02ab6bace2054fb888a3c16f990117b579d14a3088e472d63c6011fa185c9d3" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "libc", "plain", - "redox_syscall 0.7.5", + "redox_syscall 0.8.1", ] [[package]] @@ -3468,9 +3465,9 @@ dependencies = [ [[package]] name = "libz-sys" -version = "1.1.28" +version = "1.1.29" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fc3a226e576f50782b3305c5ccf458698f92798987f551c6a02efe8276721e22" +checksum = "85bc9657773828b90eeb625adff10eeac83cc21bbfd8e23a03eaa8a33c9e28d9" dependencies = [ "cc", "libc", @@ -3507,9 +3504,9 @@ dependencies = [ [[package]] name = "log" -version = "0.4.30" +version = "0.4.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "616ec5685824bcc94416c6d4a7a446eea774a31efd7062c8480ba6fd06d7a6e5" +checksum = "113b30b4cd05f7c06868fdb2854f66a7b9fece9a48425351cd532e810d74024f" [[package]] name = "loop9" @@ -3670,9 +3667,9 @@ dependencies = [ [[package]] name = "mio" -version = "1.2.0" +version = "1.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "50b7e5b27aa02a74bac8c3f23f448f8d87ff11f92d3aac1a6ed369ee08cc56c1" +checksum = "02bd0af71c67b473010cbbc60715ee815645a4dc942899111f494b4b737d6fda" dependencies = [ "libc", "wasi", @@ -3749,7 +3746,7 @@ version = "0.31.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cf20d2fde8ff38632c426f1165ed7436270b44f199fc55284c38276f9db47c3d" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "cfg-if", "cfg_aliases", "libc", @@ -3961,7 +3958,7 @@ version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "73ad74d880bb43877038da939b7427bba67e9dd42004a18b809ba7d87cee241c" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "objc2", "objc2-foundation", ] @@ -3982,7 +3979,7 @@ version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2a180dd8642fa45cdb7dd721cd4c11b1cadd4929ce112ebd8b9f5803cc79d536" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "dispatch2", "objc2", ] @@ -3993,7 +3990,7 @@ version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e022c9d066895efa1345f8e33e584b9f958da2fd4cd116792e15e07e4720a807" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "dispatch2", "objc2", "objc2-core-foundation", @@ -4026,7 +4023,7 @@ version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0cde0dfb48d25d2b4862161a4d5fcc0e3c24367869ad306b0c9ec0073bfed92d" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "objc2", "objc2-core-foundation", "objc2-core-graphics", @@ -4044,7 +4041,7 @@ version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e3e0adef53c21f888deb4fa59fc59f7eb17404926ee8a6f59f5df0fd7f9f3272" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "block2", "libc", "objc2", @@ -4057,7 +4054,7 @@ version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "180788110936d59bab6bd83b6060ffdfffb3b922ba1396b312ae795e1de9d81d" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "objc2", "objc2-core-foundation", ] @@ -4068,7 +4065,7 @@ version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "96c1358452b371bf9f104e21ec536d37a650eb10f7ee379fff67d2e08d537f1f" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "objc2", "objc2-core-foundation", "objc2-foundation", @@ -4080,7 +4077,7 @@ version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d87d638e33c06f577498cbcc50491496a3ed4246998a7fbba7ccb98b1e7eab22" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "block2", "objc2", "objc2-cloud-kit", @@ -4190,7 +4187,7 @@ version = "0.10.80" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a45fa2aa886c42762255da344f0a0d313e254066c46aad76f300c3d3da62d967" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "cfg-if", "foreign-types", "libc", @@ -4689,7 +4686,7 @@ version = "0.18.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "60769b8b31b2a9f263dae2776c37b1b28ae246943cf719eb6946a1db05128a61" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "crc32fast", "fdeflate", "flate2", @@ -4875,7 +4872,7 @@ version = "0.13.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e9f068eba8e7071c5f9511831b44f32c740d5adf574e990f946ddb53db2f314e" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "getopts", "memchr", "pulldown-cmark-escape", @@ -5145,7 +5142,7 @@ version = "11.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "498cd0dc59d73224351ee52a95fee0f1a617a2eae0e7d9d720cc622c73a54186" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", ] [[package]] @@ -5188,16 +5185,16 @@ version = "0.5.18" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ed2bf2547551a7053d6fdfafda3f938979645c44812fbfcda098faae3f1a362d" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", ] [[package]] name = "redox_syscall" -version = "0.7.5" +version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4666a1a60d8412eab19d94f6d13dcc9cea0a5ef4fdf6a5db306537413c661b1b" +checksum = "5b44b894f2a6e36457d665d1e08c3866add6ed5e70050c1b4ba8a8ddedb02ce7" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", ] [[package]] @@ -5441,7 +5438,7 @@ version = "1.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b6fe4565b9518b83ef4f91bb47ce29620ca828bd32cb7e408f0062e9930ba190" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "errno", "libc", "linux-raw-sys", @@ -5466,9 +5463,9 @@ dependencies = [ [[package]] name = "rustls-native-certs" -version = "0.8.3" +version = "0.8.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "612460d5f7bea540c490b2b6395d8e34a953e52b491accd6c86c8164c5932a63" +checksum = "dab5152771c58876a2146916e53e35057e1a4dfa2b9df0f0305b07f611fdea4d" dependencies = [ "openssl-probe", "rustls-pki-types", @@ -5589,7 +5586,7 @@ version = "3.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b7f4bc775c73d9a02cde8bf7b2ec4c9d12743edf609006c7facc23998404cd1d" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "core-foundation 0.10.1", "core-foundation-sys", "libc", @@ -5612,7 +5609,7 @@ version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c5d9c0c92a92d33f08817311cf3f2c29a3538a8240e94a6a3c622ce652d7e00c" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "cssparser 0.36.0", "derive_more 2.1.1", "log", @@ -5917,9 +5914,9 @@ dependencies = [ [[package]] name = "shlex" -version = "1.3.0" +version = "2.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64" +checksum = "f8fadd59c855ef2080decdef8ff161eb6661b86933c9d82e5ba29dc602a55aba" [[package]] name = "signal-hook-registry" @@ -6022,9 +6019,9 @@ dependencies = [ [[package]] name = "socket2" -version = "0.6.3" +version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3a766e1110788c36f4fa1c2b71b387a7815aa65f88ce0229841826633d93723e" +checksum = "52d1cfed4120b4d927bf7c0f86d2087a4a7d6027c906d9f9d525a80573b9be51" dependencies = [ "libc", "windows-sys 0.61.2", @@ -6155,7 +6152,7 @@ checksum = "aa003f0038df784eb8fecbbac13affe3da23b45194bd57dba231c8f48199c526" dependencies = [ "atoi", "base64 0.22.1", - "bitflags 2.11.1", + "bitflags 2.12.1", "byteorder", "bytes", "chrono", @@ -6199,7 +6196,7 @@ checksum = "db58fcd5a53cf07c184b154801ff91347e4c30d17a3562a635ff028ad5deda46" dependencies = [ "atoi", "base64 0.22.1", - "bitflags 2.11.1", + "bitflags 2.12.1", "byteorder", "chrono", "crc", @@ -6454,7 +6451,7 @@ version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a13f3d0daba03132c0aa9767f98351b3488edc2c100cda2d2ec2b04f3d8d3c8b" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "core-foundation 0.9.4", "system-configuration-sys", ] @@ -6745,9 +6742,9 @@ dependencies = [ [[package]] name = "toml_edit" -version = "0.25.11+spec-1.1.0" +version = "0.25.12+spec-1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b59c4d22ed448339746c59b905d24568fcbb3ab65a500494f7b8c3e97739f2b" +checksum = "d2153edc6955a6c354fad8f5efd38b6a8769bdccf9fe50f8e1329f81b0baa5d7" dependencies = [ "indexmap 2.14.0", "toml_datetime", @@ -6885,7 +6882,7 @@ version = "0.6.11" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4cfcf7e2740e6fc6d4d688b4ef00650406bb94adf4731e43c096c3a19fe40840" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "bytes", "futures-core", "futures-util", @@ -7026,9 +7023,9 @@ dependencies = [ [[package]] name = "typenum" -version = "1.20.0" +version = "1.20.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "40ce102ab67701b8526c123c1bab5cbe42d7040ccfd0f64af1a385808d2f43de" +checksum = "b6f5e870be6c3b371b77fe0ee0bafb859fa4964b4404c27de1d380043c4dda20" [[package]] name = "uaparser" @@ -7085,9 +7082,9 @@ checksum = "7df058c713841ad818f1dc5d3fd88063241cc61f49f5fbea4b951e8cf5a8d71d" [[package]] name = "unicode-segmentation" -version = "1.13.2" +version = "1.13.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9629274872b2bfaf8d66f5f15725007f635594914870f65218920345aa11aa8c" +checksum = "c6f5d3c3b1bf09027a88a6bc961fc00497d651009560b5463668dc81b0fa87a8" [[package]] name = "unicode-width" @@ -7206,9 +7203,9 @@ checksum = "e2eebbbfe4093922c2b6734d7c679ebfebd704a0d7e56dfcb0d05818ce28977d" [[package]] name = "uuid" -version = "1.23.1" +version = "1.23.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ddd74a9687298c6858e9b88ec8935ec45d22e8fd5e6394fa1bd4e99a87789c76" +checksum = "d258b83ceec21034727ecee8c382cfa6c3e133699b0742c64571814fb420c9f7" dependencies = [ "getrandom 0.4.2", "js-sys", @@ -7428,7 +7425,7 @@ version = "0.244.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "47b807c72e1bac69382b3a6fb3dbe8ea4c0ed87ff5629b8685ae6b9a611028fe" dependencies = [ - "bitflags 2.11.1", + "bitflags 2.12.1", "hashbrown 0.15.5", "indexmap 2.14.0", "semver", @@ -8000,7 +7997,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9d66ea20e9553b30172b5e831994e35fbde2d165325bec84fc43dbf6f4eb9cb2" dependencies = [ "anyhow", - "bitflags 2.11.1", + "bitflags 2.12.1", "indexmap 2.14.0", "log", "serde", @@ -8142,18 +8139,18 @@ dependencies = [ [[package]] name = "zerocopy" -version = "0.8.48" +version = "0.8.50" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eed437bf9d6692032087e337407a86f04cd8d6a16a37199ed57949d415bd68e9" +checksum = "3b065d4f0e55f82fae73202e189638116a87c55ab6b8e6c2721e13dd9d854ad1" dependencies = [ "zerocopy-derive", ] [[package]] name = "zerocopy-derive" -version = "0.8.48" +version = "0.8.50" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "70e3cd084b1788766f53af483dd21f93881ff30d7320490ec3ef7526d203bad4" +checksum = "0b631b19d36a892ab55420c92dbc83ccd79274f25be714855d3074aa71cab639" dependencies = [ "proc-macro2", "quote", diff --git a/Cargo.toml b/Cargo.toml index a2d99fc81..76ec4dd0f 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -34,7 +34,9 @@ model_derive = { path = "./crates/model_derive", version = "0.0.0" } anyhow = "1.0" argon2 = { version = "0.5", features = ["std"] } axum = "0.8" -axum-client-ip = { version = "1.3", default-features = false, features = ["forwarded-header"] } +axum-client-ip = { version = "1.3", default-features = false, features = [ + "forwarded-header", +] } axum-server = { version = "0.8", features = ["tls-rustls"] } axum-extra = { version = "0.12", features = [ "cookie-private", @@ -59,7 +61,7 @@ humantime = "2.1" ipnetwork = "0.20" jsonwebkey = { version = "0.4", features = ["pkcs-convert"] } jsonwebtoken = { version = "10.3", features = ["rust_crypto"] } -ldap3 = { version = "0.12", default-features = false, features = ["tls"] } +ldap3 = { git = "https://github.com/DefGuard/ldap3", rev = "8b7f3d3ae6ee3ebf9c9248765d9b36c2cd114139", features = ["tls"] } lettre = { version = "0.11", default-features = false, features = [ "builder", "smtp-transport", diff --git a/crates/defguard_core/Cargo.toml b/crates/defguard_core/Cargo.toml index 3552fb355..71005e69b 100644 --- a/crates/defguard_core/Cargo.toml +++ b/crates/defguard_core/Cargo.toml @@ -91,7 +91,6 @@ async-stream = "0.3" [dev-dependencies] claims.workspace = true hyper-util = "0.1" -lber = "0.5" matches.workspace = true reqwest = { version = "0.12", features = [ "cookies", diff --git a/crates/defguard_core/src/enterprise/ldap/client.rs b/crates/defguard_core/src/enterprise/ldap/client.rs index 832142271..c475efd6e 100644 --- a/crates/defguard_core/src/enterprise/ldap/client.rs +++ b/crates/defguard_core/src/enterprise/ldap/client.rs @@ -6,7 +6,7 @@ use std::{ use defguard_common::db::models::{Settings, User}; use ldap3::{ - LdapConnAsync, LdapConnSettings, Mod, Scope, SearchEntry, + LdapConnAsync, LdapConnSettings, Mod, ResultEntry, Scope, SearchEntry, adapters::{Adapter, EntriesOnly, PagedResults}, drive, ldap_escape, }; @@ -16,6 +16,17 @@ use crate::enterprise::ldap::model::{extract_rdn_value, is_search_entry}; const STREAMING_PAGE_SIZE: i32 = 500; +/// Decodes a raw result entry, logging and dropping entries that fail. +fn try_construct_entry(entry: ResultEntry) -> Option { + match SearchEntry::try_construct(entry) { + Ok(entry) => Some(entry), + Err(err) => { + warn!("Skipping malformed LDAP entry that failed to decode: {err}"); + None + } + } +} + impl LDAPConnection { pub async fn create() -> Result { let settings = Settings::get_current_settings(); @@ -62,7 +73,7 @@ impl LDAPConnection { Ok(entries .into_iter() .filter(is_search_entry) - .map(SearchEntry::construct) + .filter_map(try_construct_entry) .collect()) } @@ -80,7 +91,7 @@ impl LDAPConnection { entries.retain(is_search_entry); if let Some(entry) = entries.pop() { debug!("Found LDAP object with DN {dn}: {entry:?}"); - Ok(Some(SearchEntry::construct(entry))) + Ok(try_construct_entry(entry)) } else { debug!("No LDAP object found with DN {dn}"); Ok(None) @@ -135,7 +146,9 @@ impl LDAPConnection { let mut groups = Vec::new(); for entry in entries.into_iter().filter(is_search_entry) { - let se = SearchEntry::construct(entry); + let Some(se) = try_construct_entry(entry) else { + continue; + }; for (key, mut values) in se.attrs { if key.eq_ignore_ascii_case(&self.config.ldap_groupname_attr) { groups.append(&mut values); @@ -169,7 +182,7 @@ impl LDAPConnection { Ok(rs .into_iter() .filter(is_search_entry) - .map(SearchEntry::construct) + .filter_map(try_construct_entry) .collect()) } @@ -338,7 +351,9 @@ impl LDAPConnection { let mut member_entries = Vec::new(); while let Some(entry) = search_stream.next().await? { - member_entries.push(SearchEntry::construct(entry)); + if let Some(entry) = try_construct_entry(entry) { + member_entries.push(entry); + } } let members = member_entries @@ -440,7 +455,9 @@ impl LDAPConnection { let mut entries = Vec::new(); while let Some(entry) = search_stream.next().await? { - entries.push(SearchEntry::construct(entry)); + if let Some(entry) = try_construct_entry(entry) { + entries.push(entry); + } } debug!("Performed LDAP user search"); @@ -479,7 +496,9 @@ impl LDAPConnection { let mut memberships = Vec::new(); while let Some(entry) = search_stream.next().await? { - memberships.push(SearchEntry::construct(entry)); + if let Some(entry) = try_construct_entry(entry) { + memberships.push(entry); + } } debug!("Performed LDAP group memberships search"); diff --git a/crates/defguard_core/src/enterprise/ldap/model.rs b/crates/defguard_core/src/enterprise/ldap/model.rs index d497d59ef..7871b6ddc 100644 --- a/crates/defguard_core/src/enterprise/ldap/model.rs +++ b/crates/defguard_core/src/enterprise/ldap/model.rs @@ -350,8 +350,8 @@ pub(crate) fn extract_rdn_value(dn: &str) -> Option { /// Returns true only for a SearchResultEntry (LDAP protocol op id 4). /// /// Referrals (id 19), intermediate responses (id 25), and any other result type -/// are rejected. This mirrors the id that `SearchEntry::construct` requires, so a -/// `true` result guarantees `construct` will not panic on the entry. +/// are rejected. This mirrors the id that `SearchEntry::try_construct` requires, so a +/// `true` result guarantees the entry will decode. #[must_use] pub(super) fn is_search_entry(entry: &ResultEntry) -> bool { entry.0.id == 4 @@ -375,11 +375,10 @@ pub(crate) fn extract_dn_path(dn: &str) -> Option { mod tests { use std::collections::HashMap; - use lber::{ - common::TagClass, - structure::{PL, StructureTag}, + use ldap3::{ + ResultEntry, SearchEntry, + asn1::{PL, StructureTag, TagClass}, }; - use ldap3::{ResultEntry, SearchEntry}; use super::*; @@ -395,7 +394,7 @@ mod tests { #[test] fn is_search_entry_accepts_only_real_entries() { - // id 4 is a SearchResultEntry, the only type SearchEntry::construct accepts. + // id 4 is a SearchResultEntry, the only type SearchEntry::try_construct accepts. assert!(is_search_entry(&result_entry(4))); // id 19 is a referral, id 25 an intermediate response. assert!(!is_search_entry(&result_entry(19)));