From be1d9e959a324f487223c82497899e72f63968f1 Mon Sep 17 00:00:00 2001
From: mbchristoff <49072643+mbchristoff@users.noreply.github.com>
Date: Mon, 20 Apr 2020 11:45:33 +0200
Subject: [PATCH] Add STARTTLS option.

---
 configuration/ldap_config.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/configuration/ldap_config.py b/configuration/ldap_config.py
index ba2067c..63d06f1 100644
--- a/configuration/ldap_config.py
+++ b/configuration/ldap_config.py
@@ -37,6 +37,9 @@ AUTH_LDAP_BIND_PASSWORD = os.environ.get('AUTH_LDAP_BIND_PASSWORD', read_secret(
 # Set a string template that describes any user’s distinguished name based on the username.
 AUTH_LDAP_USER_DN_TEMPLATE = os.environ.get('AUTH_LDAP_USER_DN_TEMPLATE', None)
 
+# Enable STARTTLS for ldap authentication.
+AUTH_LDAP_START_TLS = os.environ.get('AUTH_LDAP_START_TLS', '')
+
 # Include this setting if you want to ignore certificate errors. This might be needed to accept a self-signed cert.
 # Note that this is a NetBox-specific setting which sets:
 #     ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)