package ldapx
import (
	"errors"

	"github.com/go-ldap/ldap/v3"
)
// LDAPSchema holds the schema definitions read from a directory server's
// subschema entry.
//
// Every field carries the attribute values exactly as the server returned
// them; nothing in this file parses or validates the definition strings, so
// consumers should treat them as untrusted input.
type LDAPSchema struct {
	// Syntaxes holds the values of the ldapSyntaxes attribute.
	Syntaxes []string
	// MatchingRules holds the values of the matchingRules attribute.
	MatchingRules []string
	// MatchingRuleUse holds the values of the matchingRuleUse attribute.
	MatchingRuleUse []string
	// AttributeTypes holds the values of the attributeTypes attribute.
	AttributeTypes []string
	// ObjectClasses holds the values of the objectClasses attribute.
	ObjectClasses []string
}
// RootDSE holds the subset of the server's root DSE attributes that this
// package reads.
//
// The values are copied verbatim from the search result and are not
// validated. NOTE(review): whether the connection is already protected (TLS
// or an authenticated bind) when they are read is not visible in this file;
// if it is not, the advertised mechanism and cipher lists should not be relied
// on alone when choosing how to authenticate.
type RootDSE struct {
	// SupportedLDAPVersion lists the LDAP versions supported by the server.
	SupportedLDAPVersion []string
	// SupportedControls lists the controls supported by the server
	// (read from the supportedControl attribute).
	SupportedControls []string
	// SupportedExtensions lists the extensions supported by the server
	// (read from the supportedExtension attribute).
	SupportedExtensions []string
	// SupportedFeatures lists the features supported by the server.
	SupportedFeatures []string
	// SupportedSASLMechanisms lists the SASL mechanisms supported by the server.
	SupportedSASLMechanisms []string
	// SupportedTLSCiphers lists the TLS ciphers supported by the server.
	SupportedTLSCiphers []string
	// ConfigContext is the value of the configContext attribute.
	ConfigContext string
	// NamingContexts holds the values of the namingContexts attribute.
	NamingContexts []string
	// SubschemaSubEntry is the value of the subschemaSubentry attribute;
	// Schema uses it as the base DN of its search.
	SubschemaSubEntry string
	// SupportedAuthPasswordSchemes lists the password schemes supported by
	// the server.
	SupportedAuthPasswordSchemes []string
	// VendorName is the value of the vendorName attribute.
	VendorName string
	// VendorVersion is the value of the vendorVersion attribute.
	VendorVersion string
}
// AttributeType describes a single attribute type.
//
// NOTE(review): nothing in this file constructs or consumes this type;
// presumably it is the parsed form of one attributeTypes schema value —
// confirm against its users.
type AttributeType struct {
	// OID is the attribute type's object identifier.
	OID string
	// Name is the attribute type's name.
	Name string
	// Syntax is the attribute type's syntax.
	Syntax string
	// SingleValue is presumably true when the attribute may hold only one
	// value — confirm against the code that sets it.
	SingleValue bool
}
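// Schema reads the server's subschema entry and returns its schema
// definitions.
//
// It first fetches the RootDSE to learn the subschemaSubentry DN, then runs a
// base-object search on that DN for ldapSyntaxes, matchingRules,
// matchingRuleUse, attributeTypes and objectClasses. The values are returned
// as the raw strings the server sent; nothing here parses or validates them,
// so callers should treat them as untrusted input.
//
// An error is returned when either search fails or when the server returned
// no RootDSE entry. When the subschema search succeeds but yields no entry,
// Schema returns (nil, nil), so callers must nil-check the result.
func (c *Conn) Schema() (*LDAPSchema, error) {
	dse, err := c.RootDSE()
	if err != nil {
		return nil, err
	}
	// RootDSE reports "no entry" as (nil, nil); without this guard the field
	// access below would panic on a nil pointer when the server answers the
	// RootDSE search with an empty result.
	if dse == nil {
		return nil, errors.New("ldapx: server returned no RootDSE entry")
	}

	// The base DN comes straight from the server's RootDSE answer and is used
	// unmodified; the search is limited to that single object.
	result, err := c.Search(NewSearchRequest(
		dse.SubschemaSubEntry,
		ldap.ScopeBaseObject, ldap.NeverDerefAliases,
		0, 0, false,
		"(objectclass=*)",
		[]string{
			"ldapSyntaxes",
			"matchingRules",
			"matchingRuleUse",
			"attributeTypes",
			"objectClasses",
		},
		nil,
	))
	if err != nil {
		return nil, err
	}

	// A base-object search is expected to yield at most one entry; only the
	// first is used.
	if len(result.Entries) == 0 {
		return nil, nil
	}
	e := result.Entries[0]
	return &LDAPSchema{
		Syntaxes:        e.GetAttributeValues("ldapSyntaxes"),
		MatchingRules:   e.GetAttributeValues("matchingRules"),
		MatchingRuleUse: e.GetAttributeValues("matchingRuleUse"),
		AttributeTypes:  e.GetAttributeValues("attributeTypes"),
		ObjectClasses:   e.GetAttributeValues("objectClasses"),
	}, nil
}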
// rootDSE queries the server's root DSE over conn and copies the requested
// attributes into a RootDSE value.
//
// The search uses an empty base DN with base-object scope and the filter
// "(objectclass=*)". Only the first returned entry is used. Attribute values
// are copied as received, without validation.
//
// It returns the search error unchanged on failure. When the search succeeds
// but contains no entry it returns (nil, nil), so callers must nil-check the
// result before dereferencing it.
func rootDSE(conn *ldap.Conn) (*RootDSE, error) {
	wanted := []string{
		"supportedLDAPVersion",
		"supportedControl",
		"supportedExtension",
		"supportedFeatures",
		"supportedSASLMechanisms",
		"supportedTLSCiphers",
		"configContext",
		"namingContexts",
		"subschemaSubentry",
		"supportedAuthPasswordSchemes",
		"vendorName",
		"vendorVersion",
	}
	req := NewSearchRequest(
		"",
		ldap.ScopeBaseObject, ldap.NeverDerefAliases,
		0, 0, false,
		"(objectclass=*)",
		wanted,
		nil,
	)

	res, err := conn.Search(req)
	if err != nil {
		return nil, err
	}
	if len(res.Entries) == 0 {
		// No entry and no error: reported to the caller as a nil result.
		return nil, nil
	}

	first := res.Entries[0]
	dse := &RootDSE{
		SupportedLDAPVersion:         first.GetAttributeValues("supportedLDAPVersion"),
		SupportedControls:            first.GetAttributeValues("supportedControl"),
		SupportedExtensions:          first.GetAttributeValues("supportedExtension"),
		SupportedFeatures:            first.GetAttributeValues("supportedFeatures"),
		SupportedSASLMechanisms:      first.GetAttributeValues("supportedSASLMechanisms"),
		SupportedTLSCiphers:          first.GetAttributeValues("supportedTLSCiphers"),
		ConfigContext:                first.GetAttributeValue("configContext"),
		NamingContexts:               first.GetAttributeValues("namingContexts"),
		SubschemaSubEntry:            first.GetAttributeValue("subschemaSubentry"),
		SupportedAuthPasswordSchemes: first.GetAttributeValues("supportedAuthPasswordSchemes"),
		VendorName:                   first.GetAttributeValue("vendorName"),
		VendorVersion:                first.GetAttributeValue("vendorVersion"),
	}
	return dse, nil
}
// RootDSE reads the server's root DSE.
//
// It obtains a connection with getConn(c.pool), runs the root DSE search on
// it, and hands the connection back with putConn when the call returns. The
// result may be nil with a nil error when the server returned no entry, so
// callers must nil-check it.
func (c *Conn) RootDSE() (*RootDSE, error) {
	pooled, err := getConn(c.pool)
	if err != nil {
		return nil, err
	}
	// Deferred so the connection is returned on every path, including a
	// failed search.
	defer putConn(c.pool, pooled)

	dse, err := rootDSE(pooled)
	return dse, err
}