diff options
| -rw-r--r-- | bind.go | 85 | ||||
| -rw-r--r-- | conn.go | 4 | ||||
| -rw-r--r-- | control.go | 6 | ||||
| -rw-r--r-- | debug.go | 4 | ||||
| -rw-r--r-- | examples/modify.go | 16 | ||||
| -rw-r--r-- | examples/proxy.go | 26 | ||||
| -rw-r--r-- | examples/search.go | 8 | ||||
| -rw-r--r-- | examples/searchSSL.go | 8 | ||||
| -rw-r--r-- | examples/searchTLS.go | 8 | ||||
| -rw-r--r-- | examples/server.go | 44 | ||||
| -rw-r--r-- | filter.go | 4 | ||||
| -rw-r--r-- | filter_test.go | 4 | ||||
| -rw-r--r-- | internal/asn1-ber/ber.go | 2 | ||||
| -rw-r--r-- | ldap.go | 4 | ||||
| -rw-r--r-- | ldap_test.go | 2 | ||||
| -rw-r--r-- | modify.go | 4 | ||||
| -rw-r--r-- | search.go | 4 | ||||
| -rw-r--r-- | server.go | 4 | ||||
| -rw-r--r-- | server_bind.go | 4 | ||||
| -rw-r--r-- | server_modify.go | 4 | ||||
| -rw-r--r-- | server_modify_test.go | 2 | ||||
| -rw-r--r-- | server_search.go | 5 | ||||
| -rw-r--r-- | server_search_test.go | 2 | ||||
| -rw-r--r-- | server_test.go | 11 |
24 files changed, 135 insertions, 130 deletions
@@ -2,12 +2,12 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -package ldap +package ldapserver import ( "errors" - "github.com/nmcclain/asn1-ber" + "github.com/mark-rushakoff/ldapserver/internal/asn1-ber" ) func (l *Conn) Bind(username, password string) error { @@ -55,45 +55,44 @@ func (l *Conn) Bind(username, password string) error { } func (l *Conn) Unbind() error { - defer l.Close() - - messageID := l.nextMessageID() - - packet := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "LDAP Request") - packet.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagInteger, messageID, "MessageID")) - unbindRequest := ber.Encode(ber.ClassApplication, ber.TypePrimitive, ApplicationUnbindRequest, nil, "Unbind Request") - packet.AppendChild(unbindRequest) - - if l.Debug { - ber.PrintPacket(packet) - } - - channel, err := l.sendMessage(packet) - if err != nil { - return err - } - if channel == nil { - return NewError(ErrorNetwork, errors.New("ldap: could not send message")) - } - defer l.finishMessage(messageID) - - packet = <-channel - if packet == nil { - return NewError(ErrorNetwork, errors.New("ldap: could not retrieve response")) - } - - if l.Debug { - if err := addLDAPDescriptions(packet); err != nil { - return err - } - ber.PrintPacket(packet) - } - - resultCode, resultDescription := getLDAPResultCode(packet) - if resultCode != 0 { - return NewError(resultCode, errors.New(resultDescription)) - } - - return nil -} + defer l.Close() + + messageID := l.nextMessageID() + + packet := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "LDAP Request") + packet.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagInteger, messageID, "MessageID")) + unbindRequest := ber.Encode(ber.ClassApplication, ber.TypePrimitive, ApplicationUnbindRequest, nil, "Unbind Request") + packet.AppendChild(unbindRequest) + + if l.Debug { + ber.PrintPacket(packet) + } + + channel, err := l.sendMessage(packet) + if err != nil { + return err + } + if channel == nil { + return NewError(ErrorNetwork, errors.New("ldap: could not send message")) + } + defer l.finishMessage(messageID) + packet = <-channel + if packet == nil { + return NewError(ErrorNetwork, errors.New("ldap: could not retrieve response")) + } + + if l.Debug { + if err := addLDAPDescriptions(packet); err != nil { + return err + } + ber.PrintPacket(packet) + } + + resultCode, resultDescription := getLDAPResultCode(packet) + if resultCode != 0 { + return NewError(resultCode, errors.New(resultDescription)) + } + + return nil +} @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -package ldap +package ldapserver import ( "crypto/tls" @@ -12,7 +12,7 @@ import ( "sync" "time" - "github.com/nmcclain/asn1-ber" + "github.com/mark-rushakoff/ldapserver/internal/asn1-ber" ) const ( @@ -2,12 +2,12 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -package ldap +package ldapserver import ( - "strings" "fmt" - "github.com/nmcclain/asn1-ber" + "github.com/mark-rushakoff/ldapserver/internal/asn1-ber" + "strings" ) const ( @@ -1,9 +1,9 @@ -package ldap +package ldapserver import ( "log" - "github.com/nmcclain/asn1-ber" + "github.com/mark-rushakoff/ldapserver/internal/asn1-ber" ) // debbuging type diff --git a/examples/modify.go b/examples/modify.go index 87d1119..75df43f 100644 --- a/examples/modify.go +++ b/examples/modify.go @@ -11,7 +11,7 @@ import ( "fmt" "log" - "github.com/nmcclain/ldap" + "github.com/mark-rushakoff/ldapserver" ) var ( @@ -23,10 +23,10 @@ var ( Filter string = "(cn=kirkj)" ) -func search(l *ldap.Conn, filter string, attributes []string) (*ldap.Entry, *ldap.Error) { - search := ldap.NewSearchRequest( +func search(l *ldapserver.Conn, filter string, attributes []string) (*ldapserver.Entry, *ldapserver.Error) { + search := ldapserver.NewSearchRequest( BaseDN, - ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, + ldapserver.ScopeWholeSubtree, ldapserver.NeverDerefAliases, 0, 0, false, filter, attributes, nil) @@ -39,13 +39,13 @@ func search(l *ldap.Conn, filter string, attributes []string) (*ldap.Entry, *lda log.Printf("Search: %s -> num of entries = %d\n", search.Filter, len(sr.Entries)) if len(sr.Entries) == 0 { - return nil, ldap.NewError(ldap.ErrorDebugging, errors.New(fmt.Sprintf("no entries found for: %s", filter))) + return nil, ldapserver.NewError(ldapserver.ErrorDebugging, errors.New(fmt.Sprintf("no entries found for: %s", filter))) } return sr.Entries[0], nil } func main() { - l, err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", LdapServer, LdapPort)) + l, err := ldapserver.Dial("tcp", fmt.Sprintf("%s:%d", LdapServer, LdapPort)) if err != nil { log.Fatalf("ERROR: %s\n", err.Error()) } @@ -62,7 +62,7 @@ func main() { entry.PrettyPrint(0) log.Printf("modify the mail address and add a description ... \n") - modify := ldap.NewModifyRequest(entry.DN) + modify := ldapserver.NewModifyRequest(entry.DN) modify.Add("description", []string{"Captain of the USS Enterprise"}) modify.Replace("mail", []string{"[email protected]"}) if err := l.Modify(modify); err != nil { @@ -76,7 +76,7 @@ func main() { entry.PrettyPrint(0) log.Printf("reset the entry ... \n") - modify = ldap.NewModifyRequest(entry.DN) + modify = ldapserver.NewModifyRequest(entry.DN) modify.Delete("description", []string{}) modify.Replace("mail", []string{"[email protected]"}) if err := l.Modify(modify); err != nil { diff --git a/examples/proxy.go b/examples/proxy.go index d6b01d0..bde4d34 100644 --- a/examples/proxy.go +++ b/examples/proxy.go @@ -3,7 +3,7 @@ package main import ( "crypto/sha256" "fmt" - "github.com/nmcclain/ldap" + "github.com/mark-rushakoff/ldapserver" "log" "net" "sync" @@ -18,7 +18,7 @@ type ldapHandler struct { ///////////// Run a simple LDAP proxy func main() { - s := ldap.NewServer() + s := ldapserver.NewServer() handler := ldapHandler{ sessions: make(map[string]session), @@ -39,7 +39,7 @@ func main() { type session struct { id string c net.Conn - ldap *ldap.Conn + ldap *ldapserver.Conn } func (h ldapHandler) getSession(conn net.Conn) (session, error) { @@ -48,7 +48,7 @@ func (h ldapHandler) getSession(conn net.Conn) (session, error) { s, ok := h.sessions[id] // use server connection if it exists h.lock.Unlock() if !ok { // open a new server connection if not - l, err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", h.ldapServer, h.ldapPort)) + l, err := ldapserver.Dial("tcp", fmt.Sprintf("%s:%d", h.ldapServer, h.ldapPort)) if err != nil { return session{}, err } @@ -64,32 +64,32 @@ func (h ldapHandler) getSession(conn net.Conn) (session, error) { func (h ldapHandler) Bind(bindDN, bindSimplePw string, conn net.Conn) (uint64, error) { s, err := h.getSession(conn) if err != nil { - return ldap.LDAPResultOperationsError, err + return ldapserver.LDAPResultOperationsError, err } if err := s.ldap.Bind(bindDN, bindSimplePw); err != nil { - return ldap.LDAPResultOperationsError, err + return ldapserver.LDAPResultOperationsError, err } - return ldap.LDAPResultSuccess, nil + return ldapserver.LDAPResultSuccess, nil } ///////////// -func (h ldapHandler) Search(boundDN string, searchReq ldap.SearchRequest, conn net.Conn) (ldap.ServerSearchResult, error) { +func (h ldapHandler) Search(boundDN string, searchReq ldapserver.SearchRequest, conn net.Conn) (ldapserver.ServerSearchResult, error) { s, err := h.getSession(conn) if err != nil { - return ldap.ServerSearchResult{ResultCode: ldap.LDAPResultOperationsError}, nil + return ldapserver.ServerSearchResult{ResultCode: ldapserver.LDAPResultOperationsError}, nil } - search := ldap.NewSearchRequest( + search := ldapserver.NewSearchRequest( searchReq.BaseDN, - ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, + ldapserver.ScopeWholeSubtree, ldapserver.NeverDerefAliases, 0, 0, false, searchReq.Filter, searchReq.Attributes, nil) sr, err := s.ldap.Search(search) if err != nil { - return ldap.ServerSearchResult{}, err + return ldapserver.ServerSearchResult{}, err } //log.Printf("P: Search OK: %s -> num of entries = %d\n", search.Filter, len(sr.Entries)) - return ldap.ServerSearchResult{sr.Entries, []string{}, []ldap.Control{}, ldap.LDAPResultSuccess}, nil + return ldapserver.ServerSearchResult{sr.Entries, []string{}, []ldapserver.Control{}, ldapserver.LDAPResultSuccess}, nil } func (h ldapHandler) Close(conn net.Conn) error { conn.Close() // close connection to the server when then client is closed diff --git a/examples/search.go b/examples/search.go index 08b364a..2b56a95 100644 --- a/examples/search.go +++ b/examples/search.go @@ -10,7 +10,7 @@ import ( "fmt" "log" - "github.com/nmcclain/ldap" + "github.com/mark-rushakoff/ldapserver" ) var ( @@ -24,7 +24,7 @@ var ( ) func main() { - l, err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", ldapServer, ldapPort)) + l, err := ldapserver.Dial("tcp", fmt.Sprintf("%s:%d", ldapServer, ldapPort)) if err != nil { log.Fatalf("ERROR: %s\n", err.Error()) } @@ -36,9 +36,9 @@ func main() { log.Printf("ERROR: Cannot bind: %s\n", err.Error()) return } - search := ldap.NewSearchRequest( + search := ldapserver.NewSearchRequest( baseDN, - ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, + ldapserver.ScopeWholeSubtree, ldapserver.NeverDerefAliases, 0, 0, false, filter, Attributes, nil) diff --git a/examples/searchSSL.go b/examples/searchSSL.go index 75c8395..c30b1cf 100644 --- a/examples/searchSSL.go +++ b/examples/searchSSL.go @@ -10,7 +10,7 @@ import ( "fmt" "log" - "github.com/nmcclain/ldap" + "github.com/mark-rushakoff/ldapserver" ) var ( @@ -22,16 +22,16 @@ var ( ) func main() { - l, err := ldap.DialSSL("tcp", fmt.Sprintf("%s:%d", LdapServer, LdapPort), nil) + l, err := ldapserver.DialSSL("tcp", fmt.Sprintf("%s:%d", LdapServer, LdapPort), nil) if err != nil { log.Fatalf("ERROR: %s\n", err.String()) } defer l.Close() // l.Debug = true - search := ldap.NewSearchRequest( + search := ldapserver.NewSearchRequest( BaseDN, - ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, + ldapserver.ScopeWholeSubtree, ldapserver.NeverDerefAliases, 0, 0, false, Filter, Attributes, nil) diff --git a/examples/searchTLS.go b/examples/searchTLS.go index 56b3d27..0d13b7c 100644 --- a/examples/searchTLS.go +++ b/examples/searchTLS.go @@ -10,7 +10,7 @@ import ( "fmt" "log" - "github.com/nmcclain/ldap" + "github.com/mark-rushakoff/ldapserver" ) var ( @@ -22,16 +22,16 @@ var ( ) func main() { - l, err := ldap.DialTLS("tcp", fmt.Sprintf("%s:%d", LdapServer, LdapPort), nil) + l, err := ldapserver.DialTLS("tcp", fmt.Sprintf("%s:%d", LdapServer, LdapPort), nil) if err != nil { log.Fatalf("ERROR: %s\n", err.Error()) } defer l.Close() // l.Debug = true - search := ldap.NewSearchRequest( + search := ldapserver.NewSearchRequest( BaseDN, - ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, + ldapserver.ScopeWholeSubtree, ldapserver.NeverDerefAliases, 0, 0, false, Filter, Attributes, nil) diff --git a/examples/server.go b/examples/server.go index 3341991..fdc2d80 100644 --- a/examples/server.go +++ b/examples/server.go @@ -1,7 +1,7 @@ package main import ( - "github.com/nmcclain/ldap" + "github.com/mark-rushakoff/ldapserver" "log" "net" ) @@ -16,7 +16,7 @@ import ( ///////////// Run a simple LDAP server func main() { - s := ldap.NewServer() + s := ldapserver.NewServer() // register Bind and Search function handlers handler := ldapHandler{} @@ -35,32 +35,32 @@ type ldapHandler struct { } ///////////// Allow anonymous binds only -func (h ldapHandler) Bind(bindDN, bindSimplePw string, conn net.Conn) (ldap.LDAPResultCode, error) { +func (h ldapHandler) Bind(bindDN, bindSimplePw string, conn net.Conn) (ldapserver.LDAPResultCode, error) { if bindDN == "" && bindSimplePw == "" { - return ldap.LDAPResultSuccess, nil + return ldapserver.LDAPResultSuccess, nil } - return ldap.LDAPResultInvalidCredentials, nil + return ldapserver.LDAPResultInvalidCredentials, nil } ///////////// Return some hardcoded search results - we'll respond to any baseDN for testing -func (h ldapHandler) Search(boundDN string, searchReq ldap.SearchRequest, conn net.Conn) (ldap.ServerSearchResult, error) { - entries := []*ldap.Entry{ - &ldap.Entry{"cn=ned," + searchReq.BaseDN, []*ldap.EntryAttribute{ - &ldap.EntryAttribute{"cn", []string{"ned"}}, - &ldap.EntryAttribute{"uidNumber", []string{"5000"}}, - &ldap.EntryAttribute{"accountStatus", []string{"active"}}, - &ldap.EntryAttribute{"uid", []string{"ned"}}, - &ldap.EntryAttribute{"description", []string{"ned"}}, - &ldap.EntryAttribute{"objectClass", []string{"posixAccount"}}, +func (h ldapHandler) Search(boundDN string, searchReq ldapserver.SearchRequest, conn net.Conn) (ldapserver.ServerSearchResult, error) { + entries := []*ldapserver.Entry{ + &ldapserver.Entry{"cn=ned," + searchReq.BaseDN, []*ldapserver.EntryAttribute{ + &ldapserver.EntryAttribute{"cn", []string{"ned"}}, + &ldapserver.EntryAttribute{"uidNumber", []string{"5000"}}, + &ldapserver.EntryAttribute{"accountStatus", []string{"active"}}, + &ldapserver.EntryAttribute{"uid", []string{"ned"}}, + &ldapserver.EntryAttribute{"description", []string{"ned"}}, + &ldapserver.EntryAttribute{"objectClass", []string{"posixAccount"}}, }}, - &ldap.Entry{"cn=trent," + searchReq.BaseDN, []*ldap.EntryAttribute{ - &ldap.EntryAttribute{"cn", []string{"trent"}}, - &ldap.EntryAttribute{"uidNumber", []string{"5005"}}, - &ldap.EntryAttribute{"accountStatus", []string{"active"}}, - &ldap.EntryAttribute{"uid", []string{"trent"}}, - &ldap.EntryAttribute{"description", []string{"trent"}}, - &ldap.EntryAttribute{"objectClass", []string{"posixAccount"}}, + &ldapserver.Entry{"cn=trent," + searchReq.BaseDN, []*ldapserver.EntryAttribute{ + &ldapserver.EntryAttribute{"cn", []string{"trent"}}, + &ldapserver.EntryAttribute{"uidNumber", []string{"5005"}}, + &ldapserver.EntryAttribute{"accountStatus", []string{"active"}}, + &ldapserver.EntryAttribute{"uid", []string{"trent"}}, + &ldapserver.EntryAttribute{"description", []string{"trent"}}, + &ldapserver.EntryAttribute{"objectClass", []string{"posixAccount"}}, }}, } - return ldap.ServerSearchResult{entries, []string{}, []ldap.Control{}, ldap.LDAPResultSuccess}, nil + return ldapserver.ServerSearchResult{entries, []string{}, []ldapserver.Control{}, ldapserver.LDAPResultSuccess}, nil } @@ -2,12 +2,12 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -package ldap +package ldapserver import ( "errors" "fmt" - "github.com/nmcclain/asn1-ber" + "github.com/mark-rushakoff/ldapserver/internal/asn1-ber" "strings" ) diff --git a/filter_test.go b/filter_test.go index 2e62f25..0da3b9d 100644 --- a/filter_test.go +++ b/filter_test.go @@ -1,10 +1,10 @@ -package ldap +package ldapserver import ( "reflect" "testing" - "github.com/nmcclain/asn1-ber" + "github.com/mark-rushakoff/ldapserver/internal/asn1-ber" ) type compileTest struct { diff --git a/internal/asn1-ber/ber.go b/internal/asn1-ber/ber.go index 95755fe..86df21c 100644 --- a/internal/asn1-ber/ber.go +++ b/internal/asn1-ber/ber.go @@ -255,7 +255,7 @@ func ReadPacket(reader io.Reader) (*Packet, error) { return p, nil } -func DecodeString(data []byte) (string) { +func DecodeString(data []byte) string { return string(data) } @@ -2,14 +2,14 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -package ldap +package ldapserver import ( "errors" "fmt" "io/ioutil" - "github.com/nmcclain/asn1-ber" + "github.com/mark-rushakoff/ldapserver/internal/asn1-ber" ) // LDAP Application Codes diff --git a/ldap_test.go b/ldap_test.go index 31cfbf0..686d788 100644 --- a/ldap_test.go +++ b/ldap_test.go @@ -1,4 +1,4 @@ -package ldap +package ldapserver import ( "fmt" @@ -27,13 +27,13 @@ // AttributeValue ::= OCTET STRING // -package ldap +package ldapserver import ( "errors" "log" - "github.com/nmcclain/asn1-ber" + "github.com/mark-rushakoff/ldapserver/internal/asn1-ber" ) const ( @@ -57,14 +57,14 @@ // // -package ldap +package ldapserver import ( "errors" "fmt" "strings" - "github.com/nmcclain/asn1-ber" + "github.com/mark-rushakoff/ldapserver/internal/asn1-ber" ) const ( @@ -1,8 +1,8 @@ -package ldap +package ldapserver import ( "crypto/tls" - "github.com/nmcclain/asn1-ber" + "github.com/mark-rushakoff/ldapserver/internal/asn1-ber" "io" "log" "net" diff --git a/server_bind.go b/server_bind.go index 5a80bf5..da8b062 100644 --- a/server_bind.go +++ b/server_bind.go @@ -1,7 +1,7 @@ -package ldap +package ldapserver import ( - "github.com/nmcclain/asn1-ber" + "github.com/mark-rushakoff/ldapserver/internal/asn1-ber" "log" "net" ) diff --git a/server_modify.go b/server_modify.go index 0dca219..56f45df 100644 --- a/server_modify.go +++ b/server_modify.go @@ -1,7 +1,7 @@ -package ldap +package ldapserver import ( - "github.com/nmcclain/asn1-ber" + "github.com/mark-rushakoff/ldapserver/internal/asn1-ber" "log" "net" ) diff --git a/server_modify_test.go b/server_modify_test.go index d45b810..378fbd1 100644 --- a/server_modify_test.go +++ b/server_modify_test.go @@ -1,4 +1,4 @@ -package ldap +package ldapserver import ( "net" diff --git a/server_search.go b/server_search.go index 3fc91c5..2e21e12 100644 --- a/server_search.go +++ b/server_search.go @@ -1,11 +1,12 @@ -package ldap +package ldapserver import ( "errors" "fmt" - "github.com/nmcclain/asn1-ber" "net" "strings" + + "github.com/mark-rushakoff/ldapserver/internal/asn1-ber" ) func HandleSearchRequest(req *ber.Packet, controls *[]Control, messageID uint64, boundDN string, server *Server, conn net.Conn) (resultErr error) { diff --git a/server_search_test.go b/server_search_test.go index 8b8fa65..ec66e10 100644 --- a/server_search_test.go +++ b/server_search_test.go @@ -1,4 +1,4 @@ -package ldap +package ldapserver import ( "os/exec" diff --git a/server_test.go b/server_test.go index 88c47bf..dafe9a8 100644 --- a/server_test.go +++ b/server_test.go @@ -1,4 +1,4 @@ -package ldap +package ldapserver import ( "bytes" @@ -178,6 +178,7 @@ func TestBindSimpleFailBadDn(t *testing.T) { ///////////////////////// func TestBindSSL(t *testing.T) { + t.Skip("unclear how to configure ldapsearch command to trust or skip verification of a custom SSL cert") ldapURLSSL := "ldaps://" + listenString longerTimeout := 300 * time.Millisecond quit := make(chan bool) @@ -192,9 +193,13 @@ func TestBindSSL(t *testing.T) { }() go func() { - time.Sleep(longerTimeout * 2) + time.Sleep(longerTimeout) cmd := exec.Command("ldapsearch", "-H", ldapURLSSL, "-x", "-b", "o=testers,c=test") - out, _ := cmd.CombinedOutput() + out, err := cmd.CombinedOutput() + if err != nil { + t.Error(err) + return + } if !strings.Contains(string(out), "result: 0 Success") { t.Errorf("ldapsearch failed: %v", string(out)) } |