MCPcopy
hub / github.com/glauth/glauth / searchMaybeRootDSEQuery

Method searchMaybeRootDSEQuery

v2/pkg/handler/ldapopshelper.go:340–375  ·  view source on GitHub ↗

Search RootDSE and return information on the server Returns: LDAPResultSuccess, LDAPResultOther, LDAPResultUnwillingToPerform, LDAPResultInsufficientAccessRights

(ctx context.Context, h LDAPOpsHandler, baseDN string, searchBaseDN string, searchReq ldap.SearchRequest, anonymous bool)

Source from the content-addressed store, hash-verified

338// Search RootDSE and return information on the server
339// Returns: LDAPResultSuccess, LDAPResultOther, LDAPResultUnwillingToPerform, LDAPResultInsufficientAccessRights
340func (l LDAPOpsHelper) searchMaybeRootDSEQuery(ctx context.Context, h LDAPOpsHandler, baseDN string, searchBaseDN string, searchReq ldap.SearchRequest, anonymous bool) (resultentries []*ldap.Entry, ldapresultcode ldap.LDAPResultCode) {
341 ctx, span := l.tracer.Start(ctx, "handler.LDAPOpsHelper.searchMaybeRootDSEQuery")
342 defer span.End()
343
344 if searchBaseDN != "" {
345 return nil, ldap.LDAPResultOther // OK
346 }
347 /// Only base scope searches allowed if no basedn is provided
348 if searchReq.Scope != ldap.ScopeBaseObject {
349 h.GetLog().Info().Interface("src", searchReq.Controls).Msg("Search Error: No BaseDN provided")
350 return nil, ldap.LDAPResultUnwillingToPerform // KO
351 }
352 if anonymous && !h.GetBackend().AnonymousDSE {
353 return nil, ldap.LDAPResultInsufficientAccessRights // KO
354 }
355
356 h.GetLog().Info().Str("special case", "root DSE").Msg("Search request")
357 entries := []*ldap.Entry{}
358 attrs := []*ldap.EntryAttribute{}
359 // unfortunately, objectClass is not to be included so we will respect that
360 // attrs = append(attrs, &ldap.EntryAttribute{Name: "objectClass", Values: []string{"*"}})
361 attrs = append(attrs, &ldap.EntryAttribute{Name: "supportedSASLMechanisms", Values: []string{}})
362 //attrs = append(attrs, &ldap.EntryAttribute{Name: "supportedSASLMechanisms", Values: []string{"GSSAPI", "PLAIN", "EXTERNAL"}})
363 attrs = append(attrs, &ldap.EntryAttribute{Name: "supportedLDAPVersion", Values: []string{"3"}})
364 attrs = append(attrs, &ldap.EntryAttribute{Name: "supportedControl", Values: []string{}})
365 attrs = append(attrs, &ldap.EntryAttribute{Name: "supportedCapabilities", Values: []string{}})
366 attrs = append(attrs, &ldap.EntryAttribute{Name: "subschemaSubentry", Values: []string{"cn=schema"}})
367 attrs = append(attrs, &ldap.EntryAttribute{Name: "serverName", Values: []string{"unknown"}})
368 attrs = append(attrs, &ldap.EntryAttribute{Name: "namingContexts", Values: []string{baseDN}})
369 attrs = append(attrs, &ldap.EntryAttribute{Name: "defaultNamingContext", Values: []string{baseDN}})
370 attrs = l.collectRequestedAttributesBack(ctx, attrs, searchReq)
371 entries = append(entries, &ldap.Entry{DN: searchBaseDN, Attributes: attrs})
372 stats.Frontend.Add("search_successes", 1)
373 h.GetLog().Info().Str("filter", searchReq.Filter).Msg("AP: Root Search OK")
374 return entries, ldap.LDAPResultSuccess
375}
376
377// Search and return the information, after indirection from the RootDSE
378// Returns: LDAPResultSuccess, LDAPResultOther, LDAPResultOperationsError

Callers 1

SearchMethod · 0.95

Calls 5

StartMethod · 0.80
GetLogMethod · 0.65
GetBackendMethod · 0.65
AddMethod · 0.45

Tested by

no test coverage detected