[PR #1389] [MERGED] refactor(server): migrate to rustls 0.23 and centralize TLS logic #1293

New issue

Closed

opened 2026-02-27 09:11:38 +03:00 by kerem · 0 comments

kerem commented

2026-02-27 09:11:38 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/lldap/lldap/pull/1389
Author: @lyzstrik
Created: 1/25/2026
Status: ✅ Merged
Merged: 1/31/2026
Merged by: @nitnelave

Base: main ← Head: refactor/migrate-to-rustls-0.23

📝 Commits (3)

804a762 refactor(server): migrate to rustls 0.23 and centralize TLS logic
62e5b9b fmt
6b79e61 fix: handle IP addresses in server name parsing

📊 Changes

7 files changed (+195 additions, -150 deletions)

View changed files

📝 Cargo.lock (+65 -50)
📝 server/Cargo.toml (+17 -9)
📝 server/src/healthcheck.rs (+79 -42)
📝 server/src/ldap_server.rs (+12 -49)
📝 server/src/main.rs (+1 -0)
📝 server/src/mod.rs (+1 -0)
➕ server/src/tls.rs (+20 -0)

📄 Description

Context

This PR is the first part of splitting #1367, as requested.
It focuses solely on the technical migration to Rustls 0.23 and code refactoring, without adding the new HTTPS feature yet.

Key changes:

Dependencies: Updated 'rustls' (v0.23), 'tokio-rustls' (v0.26), and 'actix-web' (v4.12.1).
Build Fix: Configured 'rustls' to use the 'ring' provider (disabling default 'aws-lc-rs') to ensure ARMv7 compatibility.
Refactor: Created 'server/src/tls.rs' to handle certificate loading (DRY).
LDAP: Updated 'ldap_server.rs' to use the new TLS module and Rustls APIs.
Healthcheck: Updated 'healthcheck.rs' to use Rustls 0.23 types.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/lldap/lldap/pull/1389 **Author:** [@lyzstrik](https://github.com/lyzstrik) **Created:** 1/25/2026 **Status:** ✅ Merged **Merged:** 1/31/2026 **Merged by:** [@nitnelave](https://github.com/nitnelave) **Base:** `main` ← **Head:** `refactor/migrate-to-rustls-0.23` --- ### 📝 Commits (3) - [`804a762`](https://github.com/lldap/lldap/commit/804a76282e9fa5282a2388ee3454ffeae42a8ced) refactor(server): migrate to rustls 0.23 and centralize TLS logic - [`62e5b9b`](https://github.com/lldap/lldap/commit/62e5b9b60364f8c2f9b75b5f5fb41178feb0afc8) fmt - [`6b79e61`](https://github.com/lldap/lldap/commit/6b79e613137ebd39c9dadc8f4b17051785baa9e9) fix: handle IP addresses in server name parsing ### 📊 Changes **7 files changed** (+195 additions, -150 deletions) <details> <summary>View changed files</summary> 📝 `Cargo.lock` (+65 -50) 📝 `server/Cargo.toml` (+17 -9) 📝 `server/src/healthcheck.rs` (+79 -42) 📝 `server/src/ldap_server.rs` (+12 -49) 📝 `server/src/main.rs` (+1 -0) 📝 `server/src/mod.rs` (+1 -0) ➕ `server/src/tls.rs` (+20 -0) </details> ### 📄 Description ### Context This PR is the first part of splitting #1367, as requested. It focuses solely on the technical migration to **Rustls 0.23** and code refactoring, without adding the new HTTPS feature yet. Key changes: - Dependencies: Updated 'rustls' (v0.23), 'tokio-rustls' (v0.26), and 'actix-web' (v4.12.1). - Build Fix: Configured 'rustls' to use the 'ring' provider (disabling default 'aws-lc-rs') to ensure ARMv7 compatibility. - Refactor: Created 'server/src/tls.rs' to handle certificate loading (DRY). - LDAP: Updated 'ldap_server.rs' to use the new TLS module and Rustls APIs. - Healthcheck: Updated 'healthcheck.rs' to use Rustls 0.23 types. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>