From ce348a7a96f5c2a4d723d87505e47630cf409bc9 Mon Sep 17 00:00:00 2001 From: Kylie Czar Date: Sun, 28 Aug 2022 00:16:08 -0300 Subject: [PATCH] fix search for mediawiki --- handler/ldap_handlers.go | 58 +++++++++++++++++++++++++--------------- utils/ldap.go | 8 ++++-- 2 files changed, 43 insertions(+), 23 deletions(-) diff --git a/handler/ldap_handlers.go b/handler/ldap_handlers.go index 5baffc4..0e8ad70 100644 --- a/handler/ldap_handlers.go +++ b/handler/ldap_handlers.go @@ -4,7 +4,7 @@ import ( "crypto/tls" "fmt" "net/smtp" - "log" + "github.com/lor00x/goldap/message" ldap "github.com/vjeantet/ldapserver" @@ -13,6 +13,7 @@ import ( var smtpHost = utils.Env("SMTP_HOSTNAME") var smtpPort = utils.Env("SMTP_PORT") +var base = utils.Env("LDAP_BASE") var smtpHostPort = fmt.Sprintf("%s:%s", smtpHost,smtpPort) var tlsconfig = &tls.Config { @@ -20,10 +21,7 @@ var tlsconfig = &tls.Config { ServerName: smtpHost, } -func Bind(w ldap.ResponseWriter, m *ldap.Message) { - - log.Print("BIND REQUEST", m.LDAPMessage.ProtocolOpName()) - +func Bind(w ldap.ResponseWriter, m *ldap.Message) { r := m.GetBindRequest() res := ldap.NewBindResponse(ldap.LDAPResultSuccess) name := string(r.Name()) 
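Review bot: `base` is read once at package initialisation with no check that LDAP_BASE is set, and Search later picks between DN mode and filter mode with the byte-exact comparison `name == base`. If `utils.Env` yields an empty string for an unset variable (its definition is not in this diff), a request with an empty base object would be routed into the filter branch instead of being dropped as before. The comparison is also case- and whitespace-sensitive, so a client that sends the same base DN in a different spelling silently takes the GetUser path. I would fail at startup when the value is empty and document the variable, for example `// base is the search base DN; Search treats a request for exactly this DN as a filter search.`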
@@ -34,38 +32,29 @@ func Bind(w ldap.ResponseWriter, m *ldap.Message) { w.Write(res) return } - log.Print("Name",name) + password := string(r.AuthenticationSimple()) - log.Print("BEFORE USER") user := utils.GetUser(name) - log.Print("AFTER USER") mail := utils.GetMail(user) - log.Print("Auth ", smtpHost, " ",user, " ", mail) auth := smtp.PlainAuth("", mail, password, smtpHost) - log.Print("Dial ", smtpHostPort) client, error := smtp.Dial(smtpHostPort) if error != nil { res.SetResultCode(ldap.LDAPResultInvalidCredentials) - log.Print("invalid credentials DIAL ", error, " host: ",smtpHostPort) res.SetDiagnosticMessage("invalid credentials") w.Write(res) return } - log.Print("StartTLS") client.StartTLS(tlsconfig) - log.Print("Client AUTH") err := client.Auth(auth) if err != nil { res.SetResultCode(ldap.LDAPResultInvalidCredentials) - log.Print("invalid credentials AUTH ", err) res.SetDiagnosticMessage("invalid credentials") w.Write(res) return } - log.Print("Success") w.Write(res) } 
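Review bot: The result of `client.StartTLS(tlsconfig)` is discarded and the SMTP client returned by `smtp.Dial` is never closed, so every bind leaves a connection open to the mail server. `smtp.PlainAuth` refuses to send credentials over a non-TLS connection to a non-local host, so a failed STARTTLS still fails closed, but it surfaces as "invalid credentials". Because this commit also removes the log lines on both failure paths, nothing is left to tell a backend outage from repeated failed logins. I would close the client, handle the STARTTLS error explicitly as below, and keep one log line per failed bind that names the DN and the error but never the password. Bind's opening lines are outside this hunk.

```go
client, error := smtp.Dial(smtpHostPort)
// … unchanged: Dial error branch …
defer client.Close()
if err := client.StartTLS(tlsconfig); err != nil {
	res.SetResultCode(ldap.LDAPResultUnavailable)
	res.SetDiagnosticMessage("authentication backend unavailable")
	w.Write(res)
	return
}
// … unchanged: client.Auth(auth) and its error branch …
```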
@@ -75,26 +64,53 @@ func WhoAmI(w ldap.ResponseWriter, m *ldap.Message) { } func Search(w ldap.ResponseWriter, m *ldap.Message) { - log.Print("Searching") r := m.GetSearchRequest() select { case <-m.Done: return default: } + name := string(r.BaseObject()) - log.Print("Name ",name) - if name == ""{ + search := false + + if name == base { + name = string(r.FilterString()) + search = true + } + + if name == "" { + response := ldap.NewSearchResultDoneResponse(ldap.LDAPResultNoSuchObject) + w.Write(response) + return + } + + var user string; + + if(search) { + user = utils.GetSearchUser(name) + } else { + user = utils.GetUser(name) + } + + if user == ""{ + response := ldap.NewSearchResultDoneResponse(ldap.LDAPResultNoSuchObject) + w.Write(response) return } - user := utils.GetUser(name) mail := utils.GetMail(user) - attr := utils.GetLdapName(user) + + if mail == ""{ + response := ldap.NewSearchResultDoneResponse(ldap.LDAPResultNoSuchObject) + w.Write(response) + return + } + + attr := utils.GetLdapName(user) entry := ldap.NewSearchResultEntry(attr) entry.AddAttribute("mail", message.AttributeValue(mail)) entry.AddAttribute("cn", message.AttributeValue(user)) - log.Print(entry) w.Write(entry) response := ldap.NewSearchResultDoneResponse(ldap.LDAPResultSuccess) w.Write(response) diff --git a/utils/ldap.go b/utils/ldap.go index 81137c7..ae12fe8 100644 --- a/utils/ldap.go +++ b/utils/ldap.go @@ -2,7 +2,6 @@ package utils import ( "fmt" - "log" ) func GetMail(user string) string { @@ -15,14 +14,19 @@ func GetLdapName(user string) string { func GetUser(name string) string { endIndex := len(name) - BaseLenght + if endIndex < 0 { + return "" + } user := name[UidLenght:endIndex] - log.Print("User ", user) return user } func GetSearchUser(name string) string { startIndex := UidLenght + 1 endIndex := len(name) - 1 + if endIndex < 0 { + return "" + } user := name[startIndex:endIndex] return user }
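Review bot: In the `name == base` branch the user name is cut out of `r.FilterString()` by position, so only a filter of the exact shape GetSearchUser expects yields a sensible name. A compound, presence or wildcard filter is sliced the same way, and the handler still writes an entry followed by LDAPResultSuccess. No lookup appears to back the entry (the `mail` and `cn` values are derived from the request text via the utils helpers), so every name that survives the slicing looks like an existing account to the consumer. I would validate the filter before using it, accepting only a single equality match on the expected attribute and a restricted character set for the value, and answer anything else with `ldap.LDAPResultNoSuchObject`. `var user string;` and `if(search)` are also not gofmt-clean.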
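Review bot: The new `endIndex < 0` guards miss the case that still panics: in GetUser `name[UidLenght:endIndex]` needs `endIndex >= UidLenght`, and in GetSearchUser `name[startIndex:endIndex]` needs `endIndex >= startIndex`. Both inputs come straight from the client's bind DN, search base or filter, so a short value reaches the slice expression with low greater than high. Whether the resulting panic is recovered depends on the ldapserver library, which this diff does not show. Change the guards to `if endIndex < UidLenght { return "" }` and `if endIndex < startIndex { return "" }`. Neither function checks that the stripped prefix and suffix are the expected ones, and Bind (unlike Search) does not test for the empty result, so a doc comment on each stating the accepted input form would help.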