From 567fe7b2594f0fae79721e4a9949e0391a00201d Mon Sep 17 00:00:00 2001
From: Firstyear <william@blackhats.net.au>
Date: Fri, 28 Mar 2025 10:46:00 +1000
Subject: [PATCH] Add max_ber_size to freeipa sync (#3530)
---
tools/iam_migrations/freeipa/src/config.rs | 3 +++
tools/iam_migrations/freeipa/src/main.rs | 1 +
tools/iam_migrations/ldap/src/config.rs | 6 +++---
3 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/tools/iam_migrations/freeipa/src/config.rs b/tools/iam_migrations/freeipa/src/config.rs
index e13876b6c..1080108b9 100644
--- a/tools/iam_migrations/freeipa/src/config.rs
+++ b/tools/iam_migrations/freeipa/src/config.rs
@@ -16,6 +16,9 @@ pub struct Config {
pub sync_password_as_unix_password: Option<bool>,
+ /// Maximum LDAP message size (in kilobytes)
+ pub max_ber_size: Option<usize>,
+
// pub entry: Option<Vec<EntryConfig>>,
#[serde(flatten)]
pub entry_map: BTreeMap<Uuid, EntryConfig>,
diff --git a/tools/iam_migrations/freeipa/src/main.rs b/tools/iam_migrations/freeipa/src/main.rs
index 7e682b69c..34aaa07b1 100644
--- a/tools/iam_migrations/freeipa/src/main.rs
+++ b/tools/iam_migrations/freeipa/src/main.rs
@@ -306,6 +306,7 @@ async fn run_sync(
// Preflight check.
// * can we connect to ipa?
let mut ipa_client = match LdapClientBuilder::new(&sync_config.ipa_uri)
+ .max_ber_size(sync_config.max_ber_size)
.add_tls_ca(&sync_config.ipa_ca)
.build()
.await
diff --git a/tools/iam_migrations/ldap/src/config.rs b/tools/iam_migrations/ldap/src/config.rs
index dd7c48049..eddb9b0c8 100644
--- a/tools/iam_migrations/ldap/src/config.rs
+++ b/tools/iam_migrations/ldap/src/config.rs
@@ -113,11 +113,11 @@ pub struct Config {
#[serde(default)]
pub group_attr_schema: GroupAttrSchema,
- #[serde(flatten)]
- pub entry_map: BTreeMap<Uuid, EntryConfig>,
-
/// Maximum LDAP message size (in kilobytes)
pub max_ber_size: Option<usize>,
+
+ #[serde(flatten)]
+ pub entry_map: BTreeMap<Uuid, EntryConfig>,
}
#[derive(Debug, Deserialize, Default, Clone)]