Initial commit

handler/ldap_handlers.go

@@ -0,0 +1,74 @@
+package handler
+
+import (
+	"crypto/tls"
+	"fmt"
+	"net/smtp"
+
+	"github.com/lor00x/goldap/message"
+	ldap "github.com/vjeantet/ldapserver"
+
+	"gt.kalli.st/czar/fsldap/config"
+	"gt.kalli.st/czar/fsldap/utils"
+)
+
+
+var smtpHost = config.SmtpHostname
+var smtpHostPort = fmt.Sprintf("%s:%s", smtpHost,config.SmtpPort)
+
+var tlsconfig = &tls.Config {
+        InsecureSkipVerify: true,
+	ServerName: smtpHost,
+}
+
+func Bind(w ldap.ResponseWriter, m *ldap.Message) {
+	r := m.GetBindRequest()
+	res := ldap.NewBindResponse(ldap.LDAPResultSuccess)
+	name := string(r.Name())
+	password := string(r.AuthenticationSimple())
+	user := utils.GetUser(name)
+	mail := utils.GetMail(user)
+	auth := smtp.PlainAuth("", mail, password, smtpHost)
+	client, error := smtp.Dial(smtpHostPort)
+	if error != nil {
+		res.SetResultCode(ldap.LDAPResultInvalidCredentials)
+		res.SetDiagnosticMessage("invalid credentials")
+		w.Write(res)
+		return
+	}
+	client.StartTLS(tlsconfig)
+	err := client.Auth(auth)
+	if err != nil {
+		res.SetResultCode(ldap.LDAPResultInvalidCredentials)
+		res.SetDiagnosticMessage("invalid credentials")
+		w.Write(res)
+		return
+	}
+	w.Write(res)
+}
+
+func WhoAmI(w ldap.ResponseWriter, m *ldap.Message) {
+	res := ldap.NewExtendedResponse(ldap.LDAPResultSuccess)
+	w.Write(res)
+}
+
+func Search(w ldap.ResponseWriter, m *ldap.Message) {
+	r := m.GetSearchRequest()	
+	select {
+	case <-m.Done:
+		return
+	default:
+	}
+	name := string(r.FilterString())
+	if name == ""{
+		return
+	}
+	user := utils.GetSearchUser(name)
+	mail := utils.GetMail(user)
+	attr := utils.GetLdapName(user)
+	entry := ldap.NewSearchResultEntry(attr)
+	entry.AddAttribute("mail", message.AttributeValue(mail))
+	w.Write(entry)	
+	response := ldap.NewSearchResultDoneResponse(ldap.LDAPResultSuccess)
+	w.Write(response)	
+}