server: Add a check for a changing private key
This checks that the private key used to encode the passwords has not changed since last successful startup, leading to a corruption of all the passwords. Lots of common scenario are covered, with various combinations of key in a file or from a seed, set in the config file or in an env variable or through CLI, and so on.
This commit is contained in:
Valentin Tolmer
committed by
nitnelave
nitnelave
parent
997119cdcf
commit
f2b1e73929
@@ -90,9 +90,13 @@ pub struct RunOpts {
|
||||
pub database_url: Option<String>,
|
||||
|
||||
/// Force admin password reset to the config value.
|
||||
#[clap(short, long, env = "LLDAP_FORCE_LADP_USER_PASS_RESET")]
|
||||
#[clap(long, env = "LLDAP_FORCE_LADP_USER_PASS_RESET")]
|
||||
pub force_ldap_user_pass_reset: Option<bool>,
|
||||
|
||||
/// Force update of the private key after a key change.
|
||||
#[clap(long, env = "LLDAP_FORCE_UPDATE_PRIVATE_KEY")]
|
||||
pub force_update_private_key: Option<bool>,
|
||||
|
||||
#[clap(flatten)]
|
||||
pub smtp_opts: SmtpOpts,
|
||||
|
||||
|
||||
Reference in New Issue
Block a user