Implement (inefficiently) search scopes

This commit is contained in:
Alex 2020-02-09 18:36:13 +01:00
parent d02bd17b16
commit 0402f7806a
2 changed files with 13 additions and 1 deletions

View file

@ -12,7 +12,7 @@ job "directory" {
task "server" {
driver = "docker"
config {
image = "lxpz/bottin_amd64:7"
image = "lxpz/bottin_amd64:8"
readonly_rootfs = true
port_map {
ldap_port = 389

12
read.go
View file

@ -97,6 +97,8 @@ func (server *Server) handleSearchInternal(state *State, w ldap.ResponseWriter,
return ldap.LDAPResultInsufficientAccessRights, fmt.Errorf("Please specify a base object on which you have read rights")
}
baseObjectLevel := len(strings.Split(baseObject, ","))
basePath, err := dnToConsul(baseObject)
if err != nil {
return ldap.LDAPResultInvalidDNSyntax, err
@ -116,6 +118,16 @@ func (server *Server) handleSearchInternal(state *State, w ldap.ResponseWriter,
server.logger.Tracef("%#v", entries)
for dn, entry := range entries {
if r.Scope() == message.SearchRequestScopeBaseObject {
if dn != baseObject {
continue
}
} else if r.Scope() == message.SearchRequestSingleLevel {
objectLevel := len(strings.Split(dn, ","))
if objectLevel != baseObjectLevel + 1 {
continue
}
}
// Filter out if we don't match requested filter
matched, err := applyFilter(entry, r.Filter())
if err != nil {