authorAlex Auvolat <alex@adnab.me>2020-01-28 00:52:30 +0100
committerAlex Auvolat <alex@adnab.me>2020-01-28 00:52:30 +0100
commite1f5c31402df97594116267b4f918582f2496ee0 (patch)
treecf87b238f6680ea85ffa8d9d6c5107b096ff5056
parent3edaad9317db280db903a18ec85a70e6c32cabf9 (diff)
downloadbottin-e1f5c31402df97594116267b4f918582f2496ee0.tar.gz
bottin-e1f5c31402df97594116267b4f918582f2496ee0.zip
More logs
-rw-r--r--gobottin.hcl.example4
-rw-r--r--ldapserver/client.go10
-rw-r--r--ldapserver/logger.go1
-rw-r--r--main.go6
-rw-r--r--read.go3
5 files changed, 15 insertions, 9 deletions
diff --git a/gobottin.hcl.example b/gobottin.hcl.example
index 6132f68..ac42b06 100644
--- a/gobottin.hcl.example
+++ b/gobottin.hcl.example
@@ -12,10 +12,10 @@ job "directory" {
task "server" {
driver = "docker"
config {
- image = "lxpz/gobottin_amd64:5"
+ image = "lxpz/gobottin_amd64:12"
readonly_rootfs = true
port_map {
- ldap_port = 1389
+ ldap_port = 389
}
volumes = [
"secrets/config.json:/config.json"
diff --git a/ldapserver/client.go b/ldapserver/client.go
index 085041f..681aa76 100644
--- a/ldapserver/client.go
+++ b/ldapserver/client.go
@@ -134,8 +134,9 @@ func (c *client) serve() {
Logger.Printf("Error reading Message : %s\n\t%x", err.Error(), messagePacket.bytes)
continue
}
- if DEBUG {
- Logger.Printf("<<< %d - %s - hex=%x", c.Numero, message.ProtocolOpName(), messagePacket)
+ if TRACE {
+ //Logger.Printf("<<< %d - %s - hex=%x", c.Numero, message.ProtocolOpName(), messagePacket)
+ Logger.Printf("<<< %d - %#v", c.Numero, message)
}
// TODO: Use a implementation to limit runnuning request by client
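Review bot: The new trace line `Logger.Printf("<<< %d - %#v", c.Numero, message)` dumps the whole decoded request, which for a simple bind presumably includes the client's password, so enabling TRACE would write credentials to the log. TRACE is a compile-time constant set to false in logger.go, so this only applies to a rebuilt binary, but trace builds are what gets run while debugging production problems. I would log only the operation name by default, `Logger.Printf("<<< %d - %s", c.Numero, message.ProtocolOpName())`, and print the full body only for operations that are not binds. The commented-out hex line should be deleted rather than kept as dead code; the same two remarks apply to the writeMessage hunk that follows. serve() starts and ends outside this hunk.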
@@ -211,8 +212,9 @@ func (c *client) close() {
func (c *client) writeMessage(m *ldap.LDAPMessage) {
data, _ := m.Write()
- if DEBUG {
- Logger.Printf(">>> %d - %s - hex=%x", c.Numero, m.ProtocolOpName(), data.Bytes())
+ if TRACE {
+ //Logger.Printf(">>> %d - %s - hex=%x", c.Numero, m.ProtocolOpName(), data.Bytes())
+ Logger.Printf(">>> %d - %#v", c.Numero, m)
}
c.bw.Write(data.Bytes())
c.bw.Flush()
diff --git a/ldapserver/logger.go b/ldapserver/logger.go
index 70352e3..9f145cf 100644
--- a/ldapserver/logger.go
+++ b/ldapserver/logger.go
@@ -9,6 +9,7 @@ import (
var Logger logger
const DEBUG = false
+const TRACE = false
// Logger represents log.Logger functions from the standard library
type logger interface {
diff --git a/main.go b/main.go
index d665caf..174bde6 100644
--- a/main.go
+++ b/main.go
@@ -413,7 +413,7 @@ func (server *Server) handleBind(s ldap.UserState, w ldap.ResponseWriter, m *lda
func (server *Server) handleBindInternal(state *State, r *message.BindRequest) (int, error) {
// Check permissions
if !server.config.Acl.Check(&state.login, "bind", string(r.Name()), []string{}) {
- return ldap.LDAPResultInsufficientAccessRights, nil
+ return ldap.LDAPResultInsufficientAccessRights, fmt.Errorf("Insufficient access rights for %#v", state.login)
}
// Try to retrieve password and check for match
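Review bot: `fmt.Errorf("Insufficient access rights for %#v", state.login)` puts a Go-syntax dump of internal session state into an error value whose destination is not visible here. handleBind is outside the hunk, but handleSearch in read.go passes `err.Error()` to `SetDiagnosticMessage`, so if bind does the same this text reaches an unauthenticated client. The two later hunks in this file then also tell that client whether the entry has a password ("has no password") or merely failed the comparison ("No password match"). I would write the detail to the server log and return a fixed, lowercase message such as `fmt.Errorf("insufficient access rights")`. If the diagnostic must stay, add a comment on handleBindInternal stating that the returned error is for logging only and must not be sent to the client.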
@@ -422,7 +422,7 @@ func (server *Server) handleBindInternal(state *State, r *message.BindRequest) (
return ldap.LDAPResultOperationsError, err
}
if passwd == nil {
- return ldap.LDAPResultNoSuchObject, nil
+ return ldap.LDAPResultNoSuchObject, fmt.Errorf("%s has no password", string(r.Name()))
}
for _, hash := range passwd {
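Review bot: `fmt.Errorf("%s has no password", string(r.Name()))` formats the client-supplied bind name with `%s`, so control characters or newlines in the name go verbatim into whatever log or diagnostic field receives this error. Quoting it keeps one event on one line and makes empty names visible: `fmt.Errorf("%q has no password", string(r.Name()))`. The enclosing handleBindInternal continues outside this hunk.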
@@ -439,5 +439,5 @@ func (server *Server) handleBindInternal(state *State, r *message.BindRequest) (
return ldap.LDAPResultSuccess, nil
}
}
- return ldap.LDAPResultInvalidCredentials, nil
+ return ldap.LDAPResultInvalidCredentials, fmt.Errorf("No password match")
}
diff --git a/read.go b/read.go
index 29ef9ed..15a2a0b 100644
--- a/read.go
+++ b/read.go
@@ -73,6 +73,9 @@ func (server *Server) handleSearch(s ldap.UserState, w ldap.ResponseWriter, m *l
if err != nil {
res.SetDiagnosticMessage(err.Error())
}
+ if code != ldap.LDAPResultSuccess {
+ server.logger.Printf("Failed to do search %#v (%s)", r, err)
+ }
w.Write(message.SearchResultDone(res))
}
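Review bot: The added `server.logger.Printf("Failed to do search %#v (%s)", r, err)` runs whenever `code != ldap.LDAPResultSuccess`, but the preceding context only treats `err` as optional (`if err != nil { ... }`), so a non-success code with a nil error would log `%!s(<nil>)`. Using `%v` for the error avoids that: `server.logger.Printf("Failed to do search %#v (%v)", r, err)`. It would also help to log the numeric `code`, since that is what the condition tests and it is not otherwise recorded. handleSearch begins outside this hunk.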