diff --git a/auth/ldap.go b/auth/ldap.go index 75d092e..4d16ebe 100644 --- a/auth/ldap.go +++ b/auth/ldap.go @@ -1,7 +1,6 @@ package auth import ( - "crypto/tls" "errors" "os" "strings" @@ -13,15 +12,12 @@ import ( ) type LdapConfig struct { - Url string `json:"url"` - UserBase string `json:"user_base"` - SearchDN string `json:"search_dn"` - UserBind string `json:"user_bind"` - UserFilter string `json:"user_filter"` - TLS bool `json:"tls"` - - // Parsed using time.ParseDuration. - SyncInterval string `json:"sync_interval"` + Url string `json:"url"` + UserBase string `json:"user_base"` + SearchDN string `json:"search_dn"` + UserBind string `json:"user_bind"` + UserFilter string `json:"user_filter"` + SyncInterval string `json:"sync_interval"` // Parsed using time.ParseDuration. SyncDelOldUsers bool `json:"sync_del_old_users"` } @@ -64,13 +60,6 @@ func (auth *Authentication) getLdapConnection(admin bool) (*ldap.Conn, error) { return nil, err } - if auth.ldapConfig.TLS { - if err := conn.StartTLS(&tls.Config{InsecureSkipVerify: true}); err != nil { - conn.Close() - return nil, err - } - } - if admin { if err := conn.Bind(auth.ldapConfig.SearchDN, auth.ldapSyncUserPassword); err != nil { conn.Close()