aboutsummaryrefslogtreecommitdiff
path: root/read.go
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2020-02-02 13:51:47 +0100
committerAlex Auvolat <alex@adnab.me>2020-02-02 13:53:29 +0100
commit0c801e02d5b9804c5444d4e923babc34ee05b61c (patch)
treecb1bcfe3b792614dd9b28ed0c30ae3de1b1d5f72 /read.go
parent4c037dcb94d2c663da9e624ba44dac0f833bc804 (diff)
downloadbottin-0c801e02d5b9804c5444d4e923babc34ee05b61c.tar.gz
bottin-0c801e02d5b9804c5444d4e923babc34ee05b61c.zip
Remove spaces between dn components, use warnings when necessary
Diffstat (limited to 'read.go')
-rw-r--r--read.go16
1 files changed, 8 insertions, 8 deletions
diff --git a/read.go b/read.go
index 0b6d345..63a1009 100644
--- a/read.go
+++ b/read.go
@@ -24,11 +24,10 @@ func (server *Server) handleCompare(s ldap.UserState, w ldap.ResponseWriter, m *
}
func (server *Server) handleCompareInternal(state *State, r *message.CompareRequest) (int, error) {
- dn := string(r.Entry())
attr := string(r.Ava().AttributeDesc())
expected := string(r.Ava().AssertionValue())
- _, err := server.checkSuffix(dn, false)
+ dn, err := server.checkDN(string(r.Entry()), false)
if err != nil {
return ldap.LDAPResultInvalidDNSyntax, err
}
@@ -81,21 +80,22 @@ func (server *Server) handleSearch(s ldap.UserState, w ldap.ResponseWriter, m *l
func (server *Server) handleSearchInternal(state *State, w ldap.ResponseWriter, r *message.SearchRequest) (int, error) {
+ baseObject, err := server.checkDN(string(r.BaseObject()), true)
+ if err != nil {
+ return ldap.LDAPResultInvalidDNSyntax, err
+ }
+
server.logger.Tracef("-- SEARCH REQUEST: --")
- server.logger.Tracef("Request BaseDn=%s", r.BaseObject())
+ server.logger.Tracef("Request BaseDn=%s", baseObject)
server.logger.Tracef("Request Filter=%s", r.Filter())
server.logger.Tracef("Request FilterString=%s", r.FilterString())
server.logger.Tracef("Request Attributes=%s", r.Attributes())
server.logger.Tracef("Request TimeLimit=%d", r.TimeLimit().Int())
- if !server.config.Acl.Check(&state.login, "read", string(r.BaseObject()), []string{}) {
+ if !server.config.Acl.Check(&state.login, "read", baseObject, []string{}) {
return ldap.LDAPResultInsufficientAccessRights, fmt.Errorf("Please specify a base object on which you have read rights")
}
- baseObject, err := server.checkSuffix(string(r.BaseObject()), true)
- if err != nil {
- return ldap.LDAPResultInvalidDNSyntax, err
- }
basePath, err := dnToConsul(baseObject)
if err != nil {
return ldap.LDAPResultInvalidDNSyntax, err