118 lines
2.5 KiB
Go
118 lines
2.5 KiB
Go
package handler
|
|
|
|
import (
|
|
"crypto/tls"
|
|
"fmt"
|
|
"net/smtp"
|
|
|
|
"github.com/lor00x/goldap/message"
|
|
ldap "github.com/vjeantet/ldapserver"
|
|
|
|
"gt.kalli.st/czar/fsldap/utils"
|
|
)
|
|
|
|
var smtpHost = utils.Env("SMTP_HOSTNAME")
|
|
var smtpPort = utils.Env("SMTP_PORT")
|
|
var base = utils.Env("LDAP_BASE")
|
|
var smtpHostPort = fmt.Sprintf("%s:%s", smtpHost,smtpPort)
|
|
|
|
var tlsconfig = &tls.Config {
|
|
InsecureSkipVerify: true,
|
|
ServerName: smtpHost,
|
|
}
|
|
|
|
func Bind(w ldap.ResponseWriter, m *ldap.Message) {
|
|
r := m.GetBindRequest()
|
|
res := ldap.NewBindResponse(ldap.LDAPResultSuccess)
|
|
name := string(r.Name())
|
|
|
|
if(len(name) == 0) {
|
|
res.SetResultCode(ldap.LDAPResultInvalidCredentials)
|
|
res.SetDiagnosticMessage("invalid credentials")
|
|
w.Write(res)
|
|
return
|
|
}
|
|
|
|
password := string(r.AuthenticationSimple())
|
|
|
|
user := utils.GetUser(name)
|
|
|
|
mail := utils.GetMail(user)
|
|
|
|
auth := smtp.PlainAuth("", mail, password, smtpHost)
|
|
client, error := smtp.Dial(smtpHostPort)
|
|
if error != nil {
|
|
res.SetResultCode(ldap.LDAPResultInvalidCredentials)
|
|
res.SetDiagnosticMessage("invalid credentials")
|
|
w.Write(res)
|
|
return
|
|
}
|
|
client.StartTLS(tlsconfig)
|
|
err := client.Auth(auth)
|
|
if err != nil {
|
|
res.SetResultCode(ldap.LDAPResultInvalidCredentials)
|
|
res.SetDiagnosticMessage("invalid credentials")
|
|
w.Write(res)
|
|
return
|
|
}
|
|
w.Write(res)
|
|
}
|
|
|
|
func WhoAmI(w ldap.ResponseWriter, m *ldap.Message) {
|
|
res := ldap.NewExtendedResponse(ldap.LDAPResultSuccess)
|
|
w.Write(res)
|
|
}
|
|
|
|
func Search(w ldap.ResponseWriter, m *ldap.Message) {
|
|
r := m.GetSearchRequest()
|
|
select {
|
|
case <-m.Done:
|
|
return
|
|
default:
|
|
}
|
|
|
|
name := string(r.BaseObject())
|
|
search := false
|
|
|
|
if name == base {
|
|
name = string(r.FilterString())
|
|
search = true
|
|
}
|
|
|
|
if name == "" {
|
|
response := ldap.NewSearchResultDoneResponse(ldap.LDAPResultNoSuchObject)
|
|
w.Write(response)
|
|
return
|
|
}
|
|
|
|
var user string;
|
|
|
|
if(search) {
|
|
user = utils.GetSearchUser(name)
|
|
} else {
|
|
user = utils.GetUser(name)
|
|
}
|
|
|
|
if user == ""{
|
|
response := ldap.NewSearchResultDoneResponse(ldap.LDAPResultNoSuchObject)
|
|
w.Write(response)
|
|
return
|
|
}
|
|
|
|
mail := utils.GetMail(user)
|
|
|
|
if mail == ""{
|
|
response := ldap.NewSearchResultDoneResponse(ldap.LDAPResultNoSuchObject)
|
|
w.Write(response)
|
|
return
|
|
}
|
|
|
|
attr := utils.GetLdapName(user)
|
|
entry := ldap.NewSearchResultEntry(attr)
|
|
entry.AddAttribute("mail", message.AttributeValue(mail))
|
|
entry.AddAttribute("cn", message.AttributeValue(user))
|
|
w.Write(entry)
|
|
response := ldap.NewSearchResultDoneResponse(ldap.LDAPResultSuccess)
|
|
w.Write(response)
|
|
}
|