From 6d0a4a91a37f8c2eaf0c08dca36756117b3b2826 Mon Sep 17 00:00:00 2001
From: Lou Knauer
Date: Tue, 15 Feb 2022 10:00:55 +0100
Subject: [PATCH] Remove needless tls option in ldap config

Go's LDAP client uses tls automatically if the url starts with 'ldaps'.
---
 auth/ldap.go | 23 ++++++-----------------
 1 file changed, 6 insertions(+), 17 deletions(-)

diff --git a/auth/ldap.go b/auth/ldap.go
index 75d092e..4d16ebe 100644
--- a/auth/ldap.go
+++ b/auth/ldap.go
@@ -1,7 +1,6 @@
 package auth
 
 import (
- "crypto/tls"
 "errors"
 "os"
 "strings"
@@ -13,15 +12,12 @@ import (
 )
 
 type LdapConfig struct {
- Url string `json:"url"`
- UserBase string `json:"user_base"`
- SearchDN string `json:"search_dn"`
- UserBind string `json:"user_bind"`
- UserFilter string `json:"user_filter"`
- TLS bool `json:"tls"`
-
- // Parsed using time.ParseDuration.
- SyncInterval string `json:"sync_interval"`
+ Url string `json:"url"`
+ UserBase string `json:"user_base"`
+ SearchDN string `json:"search_dn"`
+ UserBind string `json:"user_bind"`
+ UserFilter string `json:"user_filter"`
+ SyncInterval string `json:"sync_interval"` // Parsed using time.ParseDuration.
 SyncDelOldUsers bool `json:"sync_del_old_users"`
 }
 
@@ -64,13 +60,6 @@ func (auth *Authentication) getLdapConnection(admin bool) (*ldap.Conn, error) {
 return nil, err
 }
 
- if auth.ldapConfig.TLS {
- if err := conn.StartTLS(&tls.Config{InsecureSkipVerify: true}); err != nil {
- conn.Close()
- return nil, err
- }
- }
-
 if admin {
 if err := conn.Bind(auth.ldapConfig.SearchDN, auth.ldapSyncUserPassword); err != nil {
 conn.Close()
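Review bot: In the getLdapConnection hunk, a deployment that paired an `ldap://` URL with `"tls": true` loses StartTLS and will now send the SearchDN bind (and presumably user binds) in cleartext without any error. The LdapConfig hunk has the matching gap: a leftover `"tls"` key in an existing config file is likely ignored silently unless the decoder rejects unknown fields, so operators get no signal that the transport was downgraded. Consider failing closed before the bind, e.g. `if !strings.HasPrefix(auth.ldapConfig.Url, "ldaps://") { conn.Close(); return nil, errors.New("ldap: url must use ldaps://") }`, or at least logging a warning when the scheme is not `ldaps`. If StartTLS support is kept instead, it should use a verifying `tls.Config` rather than the removed `InsecureSkipVerify: true`. The function body starts and ends outside the hunk, so how `conn` is dialed is not visible here.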