lfkeitel / docker-tacacs-plus

TACACS+ server
BSD 3-Clause "New" or "Revised" License

Please add support for SSL/LDAPS #3

Closed rfdrake closed 4 years ago

rfdrake commented 4 years ago

In Ubuntu this can be handled by adding "libio-socket-ssl-perl". I'm not sure if there is a package for Alpine.

Here is an example of it failing during a test:

root@9776b300fb26:/tacacs/lib/mavis# printf "0 TACPLUS\n4 $USER\n8 $PASS\n49 AUTH\n=\n" | /tacacs/lib/mavis/mavis_tacplus_ldap.pl
Warning: IO::Socket::SSL.pm not found. Neither StartTLS nor LDAPS connections will work.
Can't locate IO/Socket/SSL.pm in @INC (you may need to install the IO::Socket::SSL module) (@INC contains: /tacacs/lib/mavis/ /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.26.1 /usr/local/share/perl/5.26.1 /usr/lib/x86_64-linux-gnu/perl5/5.26 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.26 /usr/share/perl/5.26 /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at /usr/share/perl5/Net/LDAP.pm line 194, <> chunk 1.
lfkeitel commented 4 years ago

Give it a try with either lfkeitel/tacacs_plus:ubuntu-202003061410 or lfkeitel/tacacs_plus:alpine-202003061410. These images are updated with the latest event-driven-servers code and should now have the SSL Perl module installed.

federstedt commented 4 years ago

Hi! I can confirm that LDAPS still doesn't work. I think some required package is missing, not sure which one though. Removing this from the Dockerfile and then building makes LDAPS work fine for me: --no-install-recommends (line 32)

Otherwise LDAPS just fails silently; the mavis test just times out:

/tacacs/bin/mavistest -d -1 /etc/tac_plus/tac_plus.cfg tac_plus TACPLUS SomeUserName SomeUserPassword

Input attribute-value-pairs: TYPE TACPLUS TIMESTAMP mavistest-51-1600538676-0 USER SomeUserName PASSWORD SomeUserPassword TACTYPE AUTH
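The two comments above describe the same root cause from two sides: with `--no-install-recommends`, apt skips the Recommends of the Perl LDAP package, and IO::Socket::SSL (the TLS transport Net::LDAP needs for LDAPS and StartTLS) is one of them. The added Dockerfile fragment below is not the project's Dockerfile; it assumes an Ubuntu base and that Net::LDAP comes from the distro package libnet-ldap-perl (an assumption about this image). It keeps the smaller install surface of `--no-install-recommends` but names the TLS dependency explicitly, and makes a missing module fail the build instead of timing out at login time as the mavistest run above did.

```dockerfile
# Added example, not the docker-tacacs-plus Dockerfile.
# Assumption: Ubuntu base image and Net::LDAP installed from libnet-ldap-perl.
FROM ubuntu:20.04

# Failing variant, kept for contrast: --no-install-recommends drops the
# Recommends of libnet-ldap-perl, which is where IO::Socket::SSL comes from,
# so LDAPS/StartTLS has no TLS transport and the bind just hangs or fails.
#   RUN apt-get update && apt-get install -y --no-install-recommends libnet-ldap-perl

# Corrected variant: keep --no-install-recommends for a small image, but list
# the TLS dependency explicitly. ca-certificates is included so the LDAP
# server's certificate chain can be verified rather than silently accepted.
RUN apt-get update \
 && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
        libnet-ldap-perl \
        libio-socket-ssl-perl \
        ca-certificates \
 && rm -rf /var/lib/apt/lists/*

# Fail at build time, not at first authentication, if the module is missing.
RUN perl -MIO::Socket::SSL -e 'print "IO::Socket::SSL $IO::Socket::SSL::VERSION\n"'
```

The final RUN step is the check worth keeping in any image that does LDAPS: `perl -MIO::Socket::SSL -e 1` exits non-zero when the module cannot be loaded, which is exactly the condition that produced the "IO::Socket::SSL.pm not found" warning in the first comment.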

lfkeitel commented 4 years ago

Try ubuntu-202006201038. I removed the no-install-recommends option.

federstedt commented 4 years ago

lfkeitel/tacacs_plus:ubuntu-202006201038 works fine with LDAPS for me now. Thanks!