diff options
-rw-r--r-- | auth_ldap.go | 18 | ||||
-rw-r--r-- | main.go | 23 | ||||
-rw-r--r-- | s3/file.go | 10 | ||||
-rw-r--r-- | webdav.go | 2 |
4 files changed, 32 insertions, 21 deletions
diff --git a/auth_ldap.go b/auth_ldap.go index 26d3565..f5c7ada 100644 --- a/auth_ldap.go +++ b/auth_ldap.go @@ -21,7 +21,7 @@ func (l LdapPreAuth) WithCreds(username, password string) http.Handler { var e *LdapWrongPasswordError access_key, secret_key, err := LdapGetS3(l.WithConfig, username, password) - + if err == nil { l.OnCreds.WithCreds(access_key, secret_key).ServeHTTP(w, r) } else if errors.As(err, &e) { @@ -44,16 +44,18 @@ type ldapConnector struct { type LdapError struct { Username string - Err error + Err error } -func (e *LdapError) Error() string { return "ldap error for "+e.Username+": "+e.Err.Error() } -type LdapWrongPasswordError struct { LdapError } + +func (e *LdapError) Error() string { return "ldap error for " + e.Username + ": " + e.Err.Error() } + +type LdapWrongPasswordError struct{ LdapError } func LdapGetS3(c *Config, username, password string) (access_key, secret_key string, werr error) { // 1. Connect to the server conn, err := ldapConnect(c) if err != nil { - werr = &LdapError { username, err } + werr = &LdapError{username, err} return } defer conn.Close() @@ -62,14 +64,14 @@ func LdapGetS3(c *Config, username, password string) (access_key, secret_key str // @FIXME we should better check the error, it could also be due to an LDAP error err = conn.auth(username, password) if err != nil { - werr = &LdapWrongPasswordError { LdapError { username, err } } + werr = &LdapWrongPasswordError{LdapError{username, err}} return } // 3. Fetch user's profile profile, err := conn.profile() if err != nil { - werr = &LdapError { username, err } + werr = &LdapError{username, err} return } @@ -78,7 +80,7 @@ func LdapGetS3(c *Config, username, password string) (access_key, secret_key str secret_key = profile.GetAttributeValue("garage_s3_secret_key") if access_key == "" || secret_key == "" { err = errors.New(fmt.Sprintf("Either access key or secret key is missing in LDAP for %s", conn.userDn)) - werr = &LdapError { username, err } + werr = &LdapError{username, err} return } @@ -3,15 +3,15 @@ package main import ( "context" "fmt" - "io" - "io/ioutil" - "net" - "git.deuxfleurs.fr/Deuxfleurs/bagage/sftp" "git.deuxfleurs.fr/Deuxfleurs/bagage/s3" - "github.com/minio/minio-go/v7/pkg/credentials" + "git.deuxfleurs.fr/Deuxfleurs/bagage/sftp" "github.com/minio/minio-go/v7" + "github.com/minio/minio-go/v7/pkg/credentials" "golang.org/x/crypto/ssh" + "io" + "io/ioutil" "log" + "net" "net/http" ) @@ -26,7 +26,7 @@ func main() { go httpServer(config, done) go sshServer(config, done) - err := <- done + err := <-done if err != nil { log.Fatalf("A component failed: %v", err) } @@ -36,9 +36,10 @@ type s3creds struct { accessKey string secretKey string } + var keychain map[string]s3creds -func sshServer(dconfig* Config, done chan error) { +func sshServer(dconfig *Config, done chan error) { keychain = make(map[string]s3creds) config := &ssh.ServerConfig{ @@ -46,7 +47,7 @@ func sshServer(dconfig* Config, done chan error) { log.Printf("Login: %s\n", c.User()) access_key, secret_key, err := LdapGetS3(dconfig, c.User(), string(pass)) if err == nil { - keychain[c.User()] = s3creds{ access_key, secret_key } + keychain[c.User()] = s3creds{access_key, secret_key} } return nil, err }, @@ -82,7 +83,7 @@ func sshServer(dconfig* Config, done chan error) { } } -func handleSSHConn(nConn net.Conn, dconfig* Config, config *ssh.ServerConfig) { +func handleSSHConn(nConn net.Conn, dconfig *Config, config *ssh.ServerConfig) { ctx, cancel := context.WithCancel(context.Background()) defer cancel() @@ -138,7 +139,7 @@ func handleSSHConn(nConn net.Conn, dconfig* Config, config *ssh.ServerConfig) { } }(requests) - creds := keychain[user] + creds := keychain[user] mc, err := minio.New(dconfig.Endpoint, &minio.Options{ Creds: credentials.NewStaticV4(creds.accessKey, creds.secretKey, ""), Secure: dconfig.UseSSL, @@ -163,7 +164,7 @@ func handleSSHConn(nConn net.Conn, dconfig* Config, config *ssh.ServerConfig) { } } -func httpServer(config* Config, done chan error) { +func httpServer(config *Config, done chan error) { // Assemble components to handle WebDAV requests http.Handle(config.DavPath+"/", BasicAuthExtract{ @@ -19,6 +19,7 @@ type S3File struct { objw *io.PipeWriter donew chan error pos int64 + eof bool entries []fs.FileInfo Path S3Path } @@ -85,12 +86,19 @@ func (f *S3File) Read(p []byte) (n int, err error) { } func (f *S3File) ReadAt(p []byte, off int64) (n int, err error) { + if f.eof { + return 0, io.EOF + } + log.Printf("s3 ReadAt %v\n", off) if err := f.loadObject(); err != nil { return 0, err } - return f.obj.ReadAt(p, off) + n, err = f.obj.ReadAt(p, off) + f.eof = err == io.EOF + + return } func (f *S3File) WriteAt(p []byte, off int64) (n int, err error) { @@ -1,8 +1,8 @@ package main import ( - "github.com/minio/minio-go/v7" "git.deuxfleurs.fr/Deuxfleurs/bagage/s3" + "github.com/minio/minio-go/v7" "golang.org/x/net/webdav" "log" "net/http" |