/[A3C]/lib/A3C/LDAP/Server.pm
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Annotation of /lib/A3C/LDAP/Server.pm

Parent Directory Parent Directory | Revision Log Revision Log

Revision 223 - (hide annotations)
Thu Jun 26 21:57:33 2008 UTC (15 years, 10 months ago) by dpavlin
File size: 2907 byte(s) 
Ported enough code from Matej Vela's ldap server
to relay requests to upstream and dump them.

Currently, it will allow you to login as any valid user
in ldap because it ALWAYS returns RESULT_OK for bind.
1 dpavlin 222 package A3C::LDAP::Server;
2    
3     use strict;
4     use warnings;
5    
6 dpavlin 223 use Net::LDAP::Constant qw(
7     LDAP_SUCCESS
8     LDAP_STRONG_AUTH_NOT_SUPPORTED
9     LDAP_UNAVAILABLE
10     LDAP_OPERATIONS_ERROR
11     );
12 dpavlin 222 use Net::LDAP::Server;
13 dpavlin 223 use Net::LDAP::Filter;
14 dpavlin 222 use base 'Net::LDAP::Server';
15 dpavlin 223 use fields qw(upstream);
16 dpavlin 222
17 dpavlin 223 use A3C::LDAP;
18     use Data::Dump qw/dump/;
19    
20 dpavlin 222 use constant RESULT_OK => {
21     'matchedDN' => '',
22     'errorMessage' => '',
23     'resultCode' => LDAP_SUCCESS
24     };
25    
26     # constructor
27     sub new {
28     my ($class, $sock) = @_;
29     my $self = $class->SUPER::new($sock);
30     printf "Accepted connection from: %s\n", $sock->peerhost();
31     return $self;
32     }
33    
34     # the bind operation
35     sub bind {
36 dpavlin 223 my ($self,$req) = @_;
37    
38     warn "## bind req = ",dump($req);
39    
40     defined($req->{authentication}->{simple}) or return {
41     matchedDN => '',
42     errorMessage => '',
43     resultCode => LDAP_STRONG_AUTH_NOT_SUPPORTED,
44     };
45    
46     $self->{upstream} ||= A3C::LDAP->new->ldap or return {
47     matchedDN => '',
48     errorMessage => $@,
49     resultCode => LDAP_UNAVAILABLE,
50     };
51    
52     warn "## upstream = ",dump( $self->{upstream} );
53     # warn "upstream not Net::LDAP but ",ref($self->{upstream}) unless ref($self->{upstream}) eq 'Net::LDAP';
54    
55 dpavlin 222 return RESULT_OK;
56     }
57    
58     # the search operation
59     sub search {
60 dpavlin 223 my ($self,$req) = @_;
61 dpavlin 222
62 dpavlin 223 warn "## search req = ",dump( $req );
63    
64     if ( ! $self->{upstream} ) {
65     warn "search without bind";
66     return {
67     matchedDN => '',
68     errorMessage => 'dude, bind first',
69     resultCode => LDAP_OPERATIONS_ERROR,
70     };
71 dpavlin 222 }
72 dpavlin 223
73     my $filter;
74     if (defined $req->{filter}) {
75     # $req->{filter} is a ASN1-decoded tree; luckily, this is exactly the
76     # internal representation Net::LDAP::Filter uses. [FIXME] Eventually
77     # Net::LDAP::Filter should provide a corresponding constructor.
78     bless($req->{filter}, 'Net::LDAP::Filter');
79     $filter = $req->{filter}->as_string;
80     # $filter = '(&' . $req->{filter}->as_string
81     # . '(objectClass=hrEduPerson)(host=aai.irb.hr))';
82     }
83    
84     warn "search upstream for $filter";
85    
86     my $search = $self->{upstream}->search(
87     base => $req->{baseObject},
88     scope => $req->{scope},
89     deref => $req->{derefAliases},
90     sizelimit => $req->{sizeLimit},
91     timelimit => $req->{timeLimit},
92     typesonly => $req->{typesOnly},
93     filter => $filter,
94     attrs => $req->{attributes},
95     raw => qr/.*/,
96     );
97    
98     warn "# search = ",dump( $search );
99    
100     if ( $search->code != LDAP_SUCCESS ) {
101     warn "ERROR: ",$search->code,": ",$search->server_error;
102     return {
103     matchedDN => '',
104     errorMessage => $search->server_error,
105     resultCode => $search->code,
106     };
107     };
108    
109     my @entries = $search->entries;
110     warn "## got ", $search->count, " entries for ", $filter;
111     foreach my $entry (@entries) {
112     $entry->changetype('add'); # Don't record changes.
113     # foreach my $attr ($entry->attributes) {
114     # if ($attr =~ /;lang-en$/) {
115     # $entry->delete($attr);
116     # }
117     # }
118     }
119    
120     warn "## entries = ",dump( @entries );
121 dpavlin 222 return RESULT_OK, @entries;
122     }
123    
124     # the rest of the operations will return an "unwilling to perform"
125    
126     1;
  ViewVC Help
Powered by ViewVC 1.1.26