Rust bindings for the native OpenLDAP library with a few convenient abstractions for connecting, binding, configuring, and querying your LDAP server.
Using openldap is as easy as the following.
extern crate openldap; use openldap::*; use openldap::errors::*; fn some_ldap_function(ldap_uri: &str, ldap_user: &str, ldap_pass: &str) -> Result<(), LDAPError> { let ldap = RustLDAP::new(ldap_uri).unwrap(); ldap.set_option(codes::options::LDAP_OPT_PROTOCOL_VERSION, &codes::versions::LDAP_VERSION3); ldap.set_option(codes::options::LDAP_OPT_X_TLS_REQUIRE_CERT, &codes::options::LDAP_OPT_X_TLS_DEMAND); ldap.simple_bind(ldap_user, ldap_pass).unwrap(); // Returns a LDAPResponse, a.k.a. Vec<HashMap<String,Vec<String>>>. let _ = ldap.simple_search("CN=Stephen,OU=People,DC=Earth", codes::scopes::LDAP_SCOPE_BASE) .unwrap(); Ok(()) } fn main() { let ldap_uri = "ldaps://localhost:636"; let ldap_user = "user"; let ldap_pass = "pass"; some_ldap_function(ldap_uri, ldap_user, ldap_pass).unwrap(); }You should use start_tls before calling bind to avoid sending credentials in plain text over an untrusted network. See https://linux.die.net/man/3/ldap_start_tls_s for more information
fn some_ldap_function(ldap_uri: &str, ldap_user: &str, ldap_pass: &str) -> Result<(), LDAPError> { let ldap = RustLDAP::new(ldap_uri).unwrap(); ldap.set_option(codes::options::LDAP_OPT_PROTOCOL_VERSION, &codes::versions::LDAP_VERSION3); ldap.set_option(codes::options::LDAP_OPT_X_TLS_REQUIRE_CERT, &codes::options::LDAP_OPT_X_TLS_DEMAND); ldap.set_option(openldap::codes::options::LDAP_OPT_X_TLS_NEWCTX, &0); ldap.start_tls(None, None); ldap.simple_bind(ldap_user, ldap_pass).unwrap(); Ok(()) } On failure, an openldap::errors::LDAPError will be returned that includes a detailed message from the native OpenLDAP library.
I'm happy to accept contributions. If you have work you want to be merged back into master, send me a pull request and I will be happy to look at it. I prefer changes which don't break the API, of course, but I'm willing to consider breaking changes.