aboutsummaryrefslogtreecommitdiff
path: root/main.go
diff options
context:
space:
mode:
Diffstat (limited to 'main.go')
-rw-r--r--main.go58
1 files changed, 45 insertions, 13 deletions
diff --git a/main.go b/main.go
index 8894f26..26d46b3 100644
--- a/main.go
+++ b/main.go
@@ -1,5 +1,6 @@
package main
+// @FIXME: Panics if invalid keys are in consul (consulToDN in util.go)
// @FIXME: Implement missing search filters (in applyFilter)
// @FIXME: Add an initial prefix to the consul key value
@@ -22,6 +23,8 @@ import (
message "github.com/vjeantet/goldap/message"
)
+const DEBUG = false
+
type ConfigFile struct {
Suffix string `json:"suffix"`
BindAddress string `json:"bind_address"`
@@ -43,6 +46,7 @@ type Config struct {
}
type Server struct {
+ logger *log.Logger
config Config
kv *consul.KV
}
@@ -108,7 +112,7 @@ func readConfig() Config {
}
func main() {
- ldap.Logger = log.New(os.Stdout, "[server] ", log.LstdFlags)
+ ldap.Logger = log.New(os.Stdout, "[ldapserver] ", log.LstdFlags)
config := readConfig()
@@ -124,7 +128,11 @@ func main() {
kv := consul_client.KV()
// Create gobottin server
- gobottin := Server{config: config, kv: kv}
+ gobottin := Server{
+ logger: log.New(os.Stdout, "[gobottin] ", log.LstdFlags),
+ config: config,
+ kv: kv,
+ }
err = gobottin.init()
if err != nil {
panic(err)
@@ -219,7 +227,7 @@ func (server *Server) init() error {
return err
}
- log.Printf(
+ server.logger.Printf(
"It seems to be a new installation, we created a default user for you:\n\n dn: %s\n password: %s\n\nWe didn't use true random, you should replace it as soon as possible.",
admin_dn,
admin_pass_str,
@@ -314,7 +322,12 @@ func (server *Server) handleBind(s ldap.UserState, w ldap.ResponseWriter, m *lda
res := ldap.NewBindResponse(result_code)
if err != nil {
res.SetDiagnosticMessage(err.Error())
- log.Printf("Failed bind for %s: %s", string(r.Name()), err.Error())
+ server.logger.Printf("Failed bind for %s: %s", string(r.Name()), err.Error())
+ }
+ if result_code == ldap.LDAPResultSuccess {
+ server.logger.Printf("Successfully bound to %s", string(r.Name()))
+ } else {
+ server.logger.Printf("Failed to bind to %s (%s)", string(r.Name()), err)
}
w.Write(res)
}
@@ -365,12 +378,14 @@ func (server *Server) handleSearch(s ldap.UserState, w ldap.ResponseWriter, m *l
}
func (server *Server) handleSearchInternal(state *State, w ldap.ResponseWriter, r *message.SearchRequest) (int, error) {
- log.Printf("-- SEARCH REQUEST: --")
- log.Printf("Request BaseDn=%s", r.BaseObject())
- log.Printf("Request Filter=%s", r.Filter())
- log.Printf("Request FilterString=%s", r.FilterString())
- log.Printf("Request Attributes=%s", r.Attributes())
- log.Printf("Request TimeLimit=%d", r.TimeLimit().Int())
+ if DEBUG {
+ server.logger.Printf("-- SEARCH REQUEST: --")
+ server.logger.Printf("Request BaseDn=%s", r.BaseObject())
+ server.logger.Printf("Request Filter=%s", r.Filter())
+ server.logger.Printf("Request FilterString=%s", r.FilterString())
+ server.logger.Printf("Request Attributes=%s", r.Attributes())
+ server.logger.Printf("Request TimeLimit=%d", r.TimeLimit().Int())
+ }
if !server.config.Acl.Check(&state.login, "read", string(r.BaseObject()), []string{}) {
return ldap.LDAPResultInsufficientAccessRights, fmt.Errorf("Please specify a base object on which you have read rights")
@@ -394,8 +409,10 @@ func (server *Server) handleSearchInternal(state *State, w ldap.ResponseWriter,
if err != nil {
return ldap.LDAPResultOperationsError, err
}
- log.Printf("in %s: %#v", basePath+"/", data)
- log.Printf("%#v", entries)
+ if DEBUG {
+ server.logger.Printf("in %s: %#v", basePath+"/", data)
+ server.logger.Printf("%#v", entries)
+ }
for dn, entry := range entries {
// Filter out if we don't match requested filter
@@ -511,6 +528,11 @@ func (server *Server) handleAdd(s ldap.UserState, w ldap.ResponseWriter, m *ldap
if err != nil {
res.SetDiagnosticMessage(err.Error())
}
+ if code == ldap.LDAPResultSuccess {
+ server.logger.Printf("Successfully added %s", string(r.Entry()))
+ } else {
+ server.logger.Printf("Failed to add %s (%s)", string(r.Entry()), err)
+ }
w.Write(message.AddResponse(res))
}
@@ -599,7 +621,7 @@ func (server *Server) handleAddInternal(state *State, r *message.AddRequest) (in
for _, mb := range memberGroups {
if mb == dn {
alreadyMember = true
- log.Printf("Warning: inconsistency detected, %s was memberOf %s at a time when it didn't exist!",
+ server.logger.Printf("Warning: inconsistency detected, %s was memberOf %s at a time when it didn't exist!",
member, dn)
break
}
@@ -681,6 +703,11 @@ func (server *Server) handleDelete(s ldap.UserState, w ldap.ResponseWriter, m *l
if err != nil {
res.SetDiagnosticMessage(err.Error())
}
+ if code == ldap.LDAPResultSuccess {
+ server.logger.Printf("Successfully deleted %s", string(r))
+ } else {
+ server.logger.Printf("Failed to delete %s (%s)", string(r), err)
+ }
w.Write(message.DelResponse(res))
}
@@ -768,6 +795,11 @@ func (server *Server) handleModify(s ldap.UserState, w ldap.ResponseWriter, m *l
if err != nil {
res.SetDiagnosticMessage(err.Error())
}
+ if code == ldap.LDAPResultSuccess {
+ server.logger.Printf("Successfully modified %s", string(r.Object()))
+ } else {
+ server.logger.Printf("Failed to modifiy %s (%s)", string(r.Object()), err)
+ }
w.Write(message.ModifyResponse(res))
}