mirror of
https://github.com/nitnelave/lldap.git
synced 2023-04-12 14:25:13 +00:00
server: Improve rootDSE
Matches the case-insensitive "objectclass" filter, fix the reported version, and declares the name context and some other attributes. Potential fix to #330.
This commit is contained in:
parent
ff66e918cf
commit
2477439ecc
@ -109,7 +109,9 @@ fn root_dse_response(base_dn: &str) -> LdapOp {
|
|||||||
},
|
},
|
||||||
LdapPartialAttribute {
|
LdapPartialAttribute {
|
||||||
atype: "vendorVersion".to_string(),
|
atype: "vendorVersion".to_string(),
|
||||||
vals: vec![b"lldap_0.2.0".to_vec()],
|
vals: vec![concat!("lldap_", env!("CARGO_PKG_VERSION"))
|
||||||
|
.to_string()
|
||||||
|
.into_bytes()],
|
||||||
},
|
},
|
||||||
LdapPartialAttribute {
|
LdapPartialAttribute {
|
||||||
atype: "supportedLDAPVersion".to_string(),
|
atype: "supportedLDAPVersion".to_string(),
|
||||||
@ -117,12 +119,30 @@ fn root_dse_response(base_dn: &str) -> LdapOp {
|
|||||||
},
|
},
|
||||||
LdapPartialAttribute {
|
LdapPartialAttribute {
|
||||||
atype: "supportedExtension".to_string(),
|
atype: "supportedExtension".to_string(),
|
||||||
|
// Password modification extension.
|
||||||
vals: vec![b"1.3.6.1.4.1.4203.1.11.1".to_vec()],
|
vals: vec![b"1.3.6.1.4.1.4203.1.11.1".to_vec()],
|
||||||
},
|
},
|
||||||
LdapPartialAttribute {
|
LdapPartialAttribute {
|
||||||
atype: "defaultnamingcontext".to_string(),
|
atype: "supportedControl".to_string(),
|
||||||
|
vals: vec![],
|
||||||
|
},
|
||||||
|
LdapPartialAttribute {
|
||||||
|
atype: "supportedFeatures".to_string(),
|
||||||
|
// Attribute "+"
|
||||||
|
vals: vec![b"1.3.6.1.4.1.4203.1.5.1".to_vec()],
|
||||||
|
},
|
||||||
|
LdapPartialAttribute {
|
||||||
|
atype: "defaultNamingContext".to_string(),
|
||||||
vals: vec![base_dn.to_string().into_bytes()],
|
vals: vec![base_dn.to_string().into_bytes()],
|
||||||
},
|
},
|
||||||
|
LdapPartialAttribute {
|
||||||
|
atype: "namingContexts".to_string(),
|
||||||
|
vals: vec![base_dn.to_string().into_bytes()],
|
||||||
|
},
|
||||||
|
LdapPartialAttribute {
|
||||||
|
atype: "isGlobalCatalogReady".to_string(),
|
||||||
|
vals: vec![b"false".to_vec()],
|
||||||
|
},
|
||||||
],
|
],
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
@ -307,16 +327,17 @@ impl<Backend: BackendHandler + LoginHandler + OpaqueHandler> LdapHandler<Backend
|
|||||||
&mut self,
|
&mut self,
|
||||||
request: &LdapSearchRequest,
|
request: &LdapSearchRequest,
|
||||||
) -> LdapResult<Vec<LdapOp>> {
|
) -> LdapResult<Vec<LdapOp>> {
|
||||||
if request.base.is_empty()
|
if request.base.is_empty() && request.scope == LdapSearchScope::Base {
|
||||||
&& request.scope == LdapSearchScope::Base
|
if let LdapFilter::Present(attribute) = &request.filter {
|
||||||
&& request.filter == LdapFilter::Present("objectClass".to_string())
|
if attribute.to_ascii_lowercase() == "objectclass" {
|
||||||
{
|
|
||||||
debug!("rootDSE request");
|
debug!("rootDSE request");
|
||||||
return Ok(vec![
|
return Ok(vec![
|
||||||
root_dse_response(&self.ldap_info.base_dn_str),
|
root_dse_response(&self.ldap_info.base_dn_str),
|
||||||
make_search_success(),
|
make_search_success(),
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
let user_info = self.user_info.as_ref().ok_or_else(|| LdapError {
|
let user_info = self.user_info.as_ref().ok_or_else(|| LdapError {
|
||||||
code: LdapResultCode::InsufficentAccessRights,
|
code: LdapResultCode::InsufficentAccessRights,
|
||||||
message: "No user currently bound".to_string(),
|
message: "No user currently bound".to_string(),
|
||||||
|
Loading…
Reference in New Issue
Block a user