More logs

2020-01-28 00:52:30 +01:00 · 2020-01-28 00:52:30 +01:00 · e1f5c31402
commit e1f5c31402
parent 3edaad9317
5 changed files with 15 additions and 9 deletions
--- a/gobottin.hcl.example
+++ b/gobottin.hcl.example
@ -12,10 +12,10 @@ job "directory" {
    task "server" {
      driver = "docker"
      config {
-        image = "lxpz/gobottin_amd64:5"
+        image = "lxpz/gobottin_amd64:12"
        readonly_rootfs = true
        port_map {
-          ldap_port = 1389
+          ldap_port = 389
        }
 		volumes = [
 			"secrets/config.json:/config.json"
--- a/ldapserver/client.go
+++ b/ldapserver/client.go
@ -134,8 +134,9 @@ func (c *client) serve() {
 			Logger.Printf("Error reading Message : %s\n\t%x", err.Error(), messagePacket.bytes)
 			continue
 		}
-		if DEBUG {
-			Logger.Printf("<<< %d - %s - hex=%x", c.Numero, message.ProtocolOpName(), messagePacket)
+		if TRACE {
+			//Logger.Printf("<<< %d - %s - hex=%x", c.Numero, message.ProtocolOpName(), messagePacket)
+			Logger.Printf("<<< %d - %#v", c.Numero, message)
 		}

 		// TODO: Use a implementation to limit runnuning request by client
@ -211,8 +212,9 @@ func (c *client) close() {

 func (c *client) writeMessage(m *ldap.LDAPMessage) {
 	data, _ := m.Write()
-	if DEBUG {
-		Logger.Printf(">>> %d - %s - hex=%x", c.Numero, m.ProtocolOpName(), data.Bytes())
+	if TRACE {
+		//Logger.Printf(">>> %d - %s - hex=%x", c.Numero, m.ProtocolOpName(), data.Bytes())
+		Logger.Printf(">>> %d - %#v", c.Numero, m)
 	}
 	c.bw.Write(data.Bytes())
 	c.bw.Flush()
--- a/ldapserver/logger.go
+++ b/ldapserver/logger.go
@ -9,6 +9,7 @@ import (
 var Logger logger

 const DEBUG = false
+const TRACE = false

 // Logger represents log.Logger functions from the standard library
 type logger interface {
--- a/main.go
+++ b/main.go
@ -413,7 +413,7 @@ func (server *Server) handleBind(s ldap.UserState, w ldap.ResponseWriter, m *lda
 func (server *Server) handleBindInternal(state *State, r *message.BindRequest) (int, error) {
 	// Check permissions
 	if !server.config.Acl.Check(&state.login, "bind", string(r.Name()), []string{}) {
-		return ldap.LDAPResultInsufficientAccessRights, nil
+		return ldap.LDAPResultInsufficientAccessRights, fmt.Errorf("Insufficient access rights for %#v", state.login)
 	}

 	// Try to retrieve password and check for match
@ -422,7 +422,7 @@ func (server *Server) handleBindInternal(state *State, r *message.BindRequest) (
 		return ldap.LDAPResultOperationsError, err
 	}
 	if passwd == nil {
-		return ldap.LDAPResultNoSuchObject, nil
+		return ldap.LDAPResultNoSuchObject, fmt.Errorf("%s has no password", string(r.Name()))
 	}

 	for _, hash := range passwd {
@ -439,5 +439,5 @@ func (server *Server) handleBindInternal(state *State, r *message.BindRequest) (
 			return ldap.LDAPResultSuccess, nil
 		}
 	}
-	return ldap.LDAPResultInvalidCredentials, nil
+	return ldap.LDAPResultInvalidCredentials, fmt.Errorf("No password match")
 }
--- a/read.go
+++ b/read.go
@ -73,6 +73,9 @@ func (server *Server) handleSearch(s ldap.UserState, w ldap.ResponseWriter, m *l
 	if err != nil {
 		res.SetDiagnosticMessage(err.Error())
 	}
+	if code != ldap.LDAPResultSuccess {
+		server.logger.Printf("Failed to do search %#v (%s)", r, err)
+	}
 	w.Write(message.SearchResultDone(res))
 }