// handleExtended logs the name and the hex-encoded value carried by an
// extended request, then answers with a Success result. Nothing in the
// request is acted upon.
func handleExtended(w ldap.ResponseWriter, m *ldap.Message) {
	req := m.GetExtendedRequest()

	log.Printf("Extended request received, name=%s", req.GetResponseName())
	log.Printf("Extended request received, value=%x", req.GetResponseValue())

	w.Write(ldap.NewExtendedResponse(ldap.LDAPResultSuccess))
}
// handleModify logs every change listed in a modify request (operation,
// attribute description and values) and answers with a Success result.
//
// The handler only logs: it applies nothing and performs no check of its own
// before reporting Success.
func handleModify(w ldap.ResponseWriter, m *ldap.Message) {
	req := m.GetModifyRequest()
	log.Printf("Modify entry: %s", req.GetObject())

	for _, ch := range req.GetChanges() {
		mod := ch.GetModification()

		// An operation code outside the three cases below leaves the label empty.
		var label string
		switch ch.GetOperation() {
		case ldap.ModifyRequestChangeOperationAdd:
			label = "Add"
		case ldap.ModifyRequestChangeOperationDelete:
			label = "Delete"
		case ldap.ModifyRequestChangeOperationReplace:
			label = "Replace"
		}

		log.Printf("%s attribute '%s'", label, mod.GetDescription())
		for _, v := range mod.GetValues() {
			log.Printf("- value: %s", v)
		}
	}

	w.Write(ldap.NewModifyResponse(ldap.LDAPResultSuccess))
}
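// handleSearch logs the search parameters and then sends the same sample
// entry to the client every 800 ms until m.Done is signalled (per the original
// comment: server stop, client disconnected, abandoned request).
//
// The loop has no other exit, so this handler never writes a
// SearchResultDone response; statements placed after the loop would be
// unreachable and are therefore not present.
func handleSearch(w ldap.ResponseWriter, m *ldap.Message) {
	r := m.GetSearchRequest()
	log.Printf("Request BaseDn=%s", r.BaseObject())
	log.Printf("Request Filter=%s", r.FilterString())
	log.Printf("Request Attributes=%s", r.Attributes())

	for {
		// Non-blocking check of the stop signal before producing the next entry.
		select {
		case <-m.Done:
			log.Printf("Leaving handleSearch... for msgid=%d", m.MessageID)
			return
		default:
		}

		// The entry DN is built from the client-supplied base object.
		e := ldap.NewSearchResultEntry("cn=Valere JEANTET, " + string(r.BaseObject()))
		e.AddAttribute("mail", "*****@*****.**", "*****@*****.**")
		e.AddAttribute("company", "SODADI")
		e.AddAttribute("department", "DSI/SEC")
		e.AddAttribute("l", "Ferrieres en brie")
		e.AddAttribute("mobile", "0612324567")
		e.AddAttribute("telephoneNumber", "0612324567")
		e.AddAttribute("cn", "Valère JEANTET")
		w.Write(e)

		time.Sleep(time.Millisecond * 800)
	}
}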
// handleSearchDSE logs the search parameters and answers with a single entry
// whose DN is empty, carrying vendor, version, object class, protocol version
// and naming-context attributes, followed by a Success search-done response.
func handleSearchDSE(w ldap.ResponseWriter, m *ldap.Message) {
	req := m.GetSearchRequest()

	log.Printf("Request BaseDn=%s", req.BaseObject())
	log.Printf("Request Filter=%s", req.Filter())
	log.Printf("Request FilterString=%s", req.FilterString())
	log.Printf("Request Attributes=%s", req.Attributes())
	log.Printf("Request TimeLimit=%d", req.TimeLimit().Int())

	dse := ldap.NewSearchResultEntry("")
	dse.AddAttribute("vendorName", "Valère JEANTET")
	dse.AddAttribute("vendorVersion", "0.0.1")
	dse.AddAttribute("objectClass", "top", "extensibleObject")
	dse.AddAttribute("supportedLDAPVersion", "3")
	dse.AddAttribute("namingContexts", "o=My Company, c=US")
	// Further attributes, left disabled by the author:
	// e.AddAttribute("subschemaSubentry", "cn=schema")
	// e.AddAttribute("namingContexts", "ou=system", "ou=schema", "dc=example,dc=com", "ou=config")
	// e.AddAttribute("supportedFeatures", "1.3.6.1.4.1.4203.1.5.1")
	// e.AddAttribute("supportedControl", "2.16.840.1.113730.3.4.3", "1.3.6.1.4.1.4203.1.10.1", "2.16.840.1.113730.3.4.2", "1.3.6.1.4.1.4203.1.9.1.4", "1.3.6.1.4.1.42.2.27.8.5.1", "1.3.6.1.4.1.4203.1.9.1.1", "1.3.6.1.4.1.4203.1.9.1.3", "1.3.6.1.4.1.4203.1.9.1.2", "1.3.6.1.4.1.18060.0.0.1", "2.16.840.1.113730.3.4.7", "1.2.840.113556.1.4.319")
	// e.AddAttribute("supportedExtension", "1.3.6.1.4.1.1466.20036", "1.3.6.1.4.1.4203.1.11.1", "1.3.6.1.4.1.18060.0.1.5", "1.3.6.1.4.1.18060.0.1.3", "1.3.6.1.4.1.1466.20037")
	// e.AddAttribute("supportedSASLMechanisms", "NTLM", "GSSAPI", "GSS-SPNEGO", "CRAM-MD5", "SIMPLE", "DIGEST-MD5")
	// e.AddAttribute("entryUUID", "f290425c-8272-4e62-8a67-92b06f38dbf5")
	w.Write(dse)

	w.Write(ldap.NewSearchResultDoneResponse(ldap.LDAPResultSuccess))
}
// handleCompare logs a compare request and answers compareTrue.
//
// In a compare response the resultCode is compareTrue, compareFalse, or an
// appropriate error. compareTrue indicates that the assertion value in the
// request's ava field matches a value of the attribute or subtype according
// to the attribute's EQUALITY matching rule. compareFalse indicates that the
// assertion value and the values of the attribute or subtype did not match.
// Other result codes indicate either that the result of the comparison was
// Undefined, or that some error occurred.
//
// This handler does not evaluate the assertion: it always replies
// compareTrue, whatever entry, attribute name or value the client sent.
func handleCompare(w ldap.ResponseWriter, m *ldap.Message) {
	req := m.GetCompareRequest()
	log.Printf("Comparing entry: %s", req.GetEntry())

	// Attribute name and expected value taken from the assertion.
	log.Printf(" attribute name to compare : \"%s\"", req.GetAttributeValueAssertion().GetName())
	log.Printf(" attribute value expected : \"%s\"", req.GetAttributeValueAssertion().GetValue())

	w.Write(ldap.NewCompareResponse(ldap.LDAPResultCompareTrue))
}
// handleSearchMyCompany logs the requested base DN and answers with one entry
// whose DN is that same base object, typed as an organizationalUnit, followed
// by a Success search-done response.
func handleSearchMyCompany(w ldap.ResponseWriter, m *ldap.Message) {
	req := m.GetSearchRequest()
	log.Printf("handleSearchMyCompany - Request BaseDn=%s", req.BaseObject())

	// The client-supplied base object is used as the entry DN.
	entry := ldap.NewSearchResultEntry(string(req.BaseObject()))
	entry.AddAttribute("objectClass", "top", "organizationalUnit")
	w.Write(entry)

	w.Write(ldap.NewSearchResultDoneResponse(ldap.LDAPResultSuccess))
}
// handleAdd logs the DN and every attribute value of an add request and
// answers with a Success result. The handler only logs; it stores nothing.
func handleAdd(w ldap.ResponseWriter, m *ldap.Message) {
	req := m.GetAddRequest()
	log.Printf("Adding entry: %s", req.GetEntryDN())

	// One log line per (attribute, value) pair.
	for _, attr := range req.GetAttributes() {
		for _, v := range attr.GetValues() {
			log.Printf("- %s:%s", attr.GetDescription(), v)
		}
	}

	w.Write(ldap.NewAddResponse(ldap.LDAPResultSuccess))
}
// handleSearch records the incoming search request on the test server, writes
// every entry in t.SearchResults, and finishes with a Success search-done
// response. The request's base, scope and filter are not applied to the
// results.
func (t *testLDAPServer) handleSearch(w ldapserver.ResponseWriter, m *ldapserver.Message) {
	// Keep the request so it can be inspected afterwards.
	t.SearchRequests = append(t.SearchRequests, m.GetSearchRequest())

	for i := range t.SearchResults {
		w.Write(t.SearchResults[i])
	}

	done := ldapserver.NewSearchResultDoneResponse(ldapserver.LDAPResultSuccess)
	w.Write(done)
}
// handleNotFound is the fallback reply. A bind request is answered with
// Success, without looking at the name or credentials it carries; any other
// operation is answered with UnwillingToPerform.
func handleNotFound(w ldap.ResponseWriter, r *ldap.Message) {
	if _, isBind := r.GetProtocolOp().(ldap.BindRequest); isBind {
		// Every bind that reaches this fallback is accepted.
		bindRes := ldap.NewBindResponse(ldap.LDAPResultSuccess)
		bindRes.DiagnosticMessage = "Default binding behavior set to return Success"
		w.Write(bindRes)
		return
	}

	refusal := ldap.NewResponse(ldap.LDAPResultUnwillingToPerform)
	refusal.DiagnosticMessage = "Operation not implemented by server"
	w.Write(refusal)
}
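// handleBind answers Success when the bind name is exactly "login" and
// InvalidCredentials otherwise. The supplied password is never compared, so
// the bind name alone decides the outcome.
func handleBind(w ldap.ResponseWriter, m *ldap.Message) {
	r := m.GetBindRequest()
	res := ldap.NewBindResponse(ldap.LDAPResultSuccess)

	if string(r.Name()) == "login" {
		w.Write(res)
		return
	}

	// Only the bind name is logged, and quoted so that control characters in
	// client input cannot break up the log line. The submitted password is
	// kept out of the log: a failed bind often carries a real credential.
	log.Printf("Bind failed User=%q", string(r.Name()))
	res.SetResultCode(ldap.LDAPResultInvalidCredentials)
	res.SetDiagnosticMessage("invalid credentials")
	w.Write(res)
}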
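// handleBind answers Success when the login is exactly "myLogin" and
// InvalidCredentials otherwise. The supplied password is never compared, so
// the login alone decides the outcome.
func handleBind(w ldap.ResponseWriter, m *ldap.Message) {
	r := m.GetBindRequest()
	res := ldap.NewBindResponse(ldap.LDAPResultSuccess)

	if string(r.GetLogin()) == "myLogin" {
		w.Write(res)
		return
	}

	// Only the login is logged, and quoted so that control characters in
	// client input cannot break up the log line. The submitted password is
	// kept out of the log: a failed bind often carries a real credential.
	log.Printf("Bind failed User=%q", string(r.GetLogin()))
	res.ResultCode = ldap.LDAPResultInvalidCredentials
	res.DiagnosticMessage = "invalid credentials"
	w.Write(res)
}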
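// handleBind accepts only the "simple" authentication choice. For a simple
// bind it answers Success when the bind name is exactly "login" and
// InvalidCredentials otherwise; the supplied password is never compared. Any
// other authentication choice is answered with UnwillingToPerform.
func handleBind(w ldap.ResponseWriter, m *ldap.Message) {
	r := m.GetBindRequest()
	res := ldap.NewBindResponse(ldap.LDAPResultSuccess)

	if r.AuthenticationChoice() != "simple" {
		res.SetResultCode(ldap.LDAPResultUnwillingToPerform)
		res.SetDiagnosticMessage("Authentication choice not supported")
		w.Write(res)
		return
	}

	if string(r.Name()) == "login" {
		w.Write(res)
		return
	}

	// Only the bind name is logged, and quoted so that control characters in
	// client input cannot break up the log line. The authentication payload is
	// kept out of the log: a failed bind often carries a real credential.
	log.Printf("Bind failed User=%q", string(r.Name()))
	res.SetResultCode(ldap.LDAPResultInvalidCredentials)
	res.SetDiagnosticMessage("invalid credentials")
	w.Write(res)
}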
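// handleStartTLS upgrades the client connection to TLS.
//
// It loads the TLS configuration, writes a Success extended response named
// ldap.NoticeOfStartTLS on the existing connection, and then runs the TLS
// handshake. Only after a successful handshake is the client's connection
// replaced by the TLS one. A configuration or handshake failure is logged and
// answered with OperationsError, and the connection is left as it was.
func handleStartTLS(w ldap.ResponseWriter, m *ldap.Message) {
	// NOTE(review): assumes the second result of getTLSconfig is an error —
	// confirm against its definition. A failure here must not be ignored:
	// without a usable configuration the upgrade cannot succeed.
	tlsconfig, err := getTLSconfig()
	if err != nil {
		log.Printf("StartTLS configuration error %v", err)
		failure := ldap.NewExtendedResponse(ldap.LDAPResultOperationsError)
		failure.ResponseName = ldap.NoticeOfStartTLS
		// Keep configuration details server-side; they are in the log.
		failure.DiagnosticMessage = "StartTLS is not available"
		w.Write(failure)
		return
	}

	tlsConn := tls.Server(m.Client.GetConn(), tlsconfig)

	// The Success response is written before the handshake starts.
	res := ldap.NewExtendedResponse(ldap.LDAPResultSuccess)
	res.ResponseName = ldap.NoticeOfStartTLS
	w.Write(res)

	if err := tlsConn.Handshake(); err != nil {
		log.Printf("StartTLS Handshake error %v", err)
		res.DiagnosticMessage = fmt.Sprintf("StartTLS Handshake error : \"%s\"", err.Error())
		res.ResultCode = ldap.LDAPResultOperationsError
		w.Write(res)
		return
	}

	m.Client.SetConn(tlsConn)
	log.Println("StartTLS OK")
}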
// handleSearch logs the search parameters and, unless m.Done is already
// signalled, answers with two sample entries placed under the requested base
// object, followed by a Success search-done response.
func handleSearch(w ldap.ResponseWriter, m *ldap.Message) {
	req := m.GetSearchRequest()
	log.Printf("Request BaseDn=%s", req.GetBaseObject())
	log.Printf("Request Filter=%s", req.GetFilter())
	log.Printf("Request Attributes=%s", req.GetAttributes())

	// Single non-blocking check of the stop signal (server stop, client
	// disconnected, abandoned request) before any result is written.
	select {
	case <-m.Done:
		log.Print("Leaving handleSearch...")
		return
	default:
	}

	// First entry. The DN suffix is the client-supplied base object.
	first := ldap.NewSearchResultEntry()
	first.SetDn("cn=Valere JEANTET, " + string(req.GetBaseObject()))
	first.AddAttribute("mail", "*****@*****.**", "*****@*****.**")
	first.AddAttribute("company", "SODADI")
	first.AddAttribute("department", "DSI/SEC")
	first.AddAttribute("l", "Ferrieres en brie")
	first.AddAttribute("mobile", "0612324567")
	first.AddAttribute("telephoneNumber", "0612324567")
	first.AddAttribute("cn", "Valère JEANTET")
	w.Write(first)

	// Second entry.
	second := ldap.NewSearchResultEntry()
	second.SetDn("cn=Claire Thomas, " + string(req.GetBaseObject()))
	second.AddAttribute("mail", "*****@*****.**")
	second.AddAttribute("cn", "Claire THOMAS")
	w.Write(second)

	w.Write(ldap.NewSearchResultDoneResponse(ldap.LDAPResultSuccess))
}
// handleBind records the bind request on the test server and then checks it
// against t.Passwords:
//
//   - an empty login or an empty password is answered with UnwillingToPerform;
//   - an unknown login or a password mismatch is answered with
//     InvalidCredentials;
//   - anything else is answered with Success.
//
// The recorded request keeps the submitted password, so t.BindRequests holds
// credentials for as long as the test server lives.
func (t *testLDAPServer) handleBind(w ldapserver.ResponseWriter, m *ldapserver.Message) {
	req := m.GetBindRequest()
	t.BindRequests = append(t.BindRequests, req)

	login, secret := string(req.GetLogin()), string(req.GetPassword())

	// NOTE(review): the password check below is an ordinary comparison, not a
	// constant-time one; that is acceptable only because this is a test server.
	switch want, known := t.Passwords[login]; {
	case login == "" || secret == "":
		w.Write(ldapserver.NewBindResponse(ldapserver.LDAPResultUnwillingToPerform))
	case !known || want != secret:
		w.Write(ldapserver.NewBindResponse(ldapserver.LDAPResultInvalidCredentials))
	default:
		w.Write(ldapserver.NewBindResponse(ldapserver.LDAPResultSuccess))
	}
}
// handleDelete logs the DN named in a delete request and answers with a
// Success result. The handler only logs; it deletes nothing.
func handleDelete(w ldap.ResponseWriter, m *ldap.Message) {
	req := m.GetDeleteRequest()
	log.Printf("Deleting entry: %s", req.GetEntryDN())

	w.Write(ldap.NewDeleteResponse(ldap.LDAPResultSuccess))
}
// handleBind return Success for any login/pass func handleBind(w ldap.ResponseWriter, m *ldap.Message) { res := ldap.NewBindResponse(ldap.LDAPResultSuccess) w.Write(res) return }
// handleSearchMyCompany answers a search with no entries: it writes only a
// Success search-done response and does not read the request.
func handleSearchMyCompany(w ldap.ResponseWriter, m *ldap.Message) {
	w.Write(ldap.NewSearchResultDoneResponse(ldap.LDAPResultSuccess))
}
// handleWhoAmI answers with a Success extended response. No response name or
// value is set, so the reply carries no identity.
func handleWhoAmI(w ldap.ResponseWriter, m *ldap.Message) {
	w.Write(ldap.NewExtendedResponse(ldap.LDAPResultSuccess))
}