// Copyright © 2018 Joel Rebello <joel.rebello@booking.com>
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package cmd
import (
"fmt"
"sync"
"github.com/bmc-toolbox/bmcldap/pkg"
"github.com/bmc-toolbox/bmcldap/pkg/config"
"github.com/spf13/cobra"
"github.com/spf13/viper"
)
// serveCmd is the `serve` subcommand. It only delegates to serve(); the
// cobra command and positional arguments are ignored, hence the blank names.
var serveCmd = &cobra.Command{
	Use:   "serve",
	Short: "Start LDAP service",
	Run: func(_ *cobra.Command, _ []string) {
		serve()
	},
}
// init registers the serve subcommand on rootCmd at package load, so that
// `<binary> serve` dispatches to serveCmd.
func init() {
	rootCmd.AddCommand(serveCmd)
}
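// serve reads the LDAP proxy settings from viper, normalises the prefix
// list, builds the LDAP server and runs the TLS (LDAPS) and plain (LDAP)
// listeners, blocking until both listener goroutines have returned.
//
// Apart from the prefix fix-up below nothing is validated here: an unset
// Cert/Key/port or an empty BaseDN is passed through to the listeners
// as-is (see the TODO).
func serve() {
	// TODO: add config validator. In particular PortTLS/PortInsecure of 0
	// is formatted as ":0" below; if the listeners use net.Listen semantics
	// that means "bind an ephemeral port", not "disabled" — confirm, and
	// reject (or skip the listener for) an unset port here.
	// Named cfg rather than config so the config package is not shadowed.
	cfg := config.Config{
		BaseDN:                  viper.GetString("BaseDN"),
		ClientCaCert:            viper.GetString("ClientCaCert"),
		RemoteServerName:        viper.GetString("RemoteServerName"),
		RemoteServerPortTLS:     viper.GetInt("RemoteServerPortTLS"),
		Debug:                   viper.GetBool("Debug"),
		MinTLSVersion:           viper.GetString("MinTLSVersion"),
		CipherSuites:            viper.GetStringSlice("CipherSuites"),
		PortTLS:                 viper.GetInt("PortTLS"),
		PortInsecure:            viper.GetInt("PortInsecure"),
		Cert:                    viper.GetString("Cert"),
		Key:                     viper.GetString("Key"),
		Prefixes:                viper.GetStringSlice("Prefixes"),
		SuperMicroAuthorizedDNs: viper.GetStringMapString("SuperMicroAuthorizedDNs"),
		IgnoreFilters:           viper.GetStringSlice("IgnoreFilters"),
	}

	// To ease the abstraction, an empty prefix always exists: make sure ""
	// is present (prepended when missing) without reordering the rest.
	cfg.Prefixes = ensureEmptyPrefix(cfg.Prefixes)

	server := pkg.NewLdapServer(logger, &cfg)

	ldapsAddr := fmt.Sprintf(":%d", cfg.PortTLS)
	ldapAddr := fmt.Sprintf(":%d", cfg.PortInsecure)
	tlsConfig := server.LoadTlsConfig(&cfg)

	// Run both listeners and wait for both to return. The Add(2) was
	// previously never matched by a Done(), so Wait() could never return
	// and a listener that exited early (e.g. failed to bind) went
	// unnoticed while the process kept running with the other one.
	var wg sync.WaitGroup
	wg.Add(2)
	go func() {
		defer wg.Done()
		server.Ldaps("tcp", ldapsAddr, tlsConfig)
	}()
	go func() {
		defer wg.Done()
		// NOTE(review): no TLS config is passed here, so this listener
		// presumably speaks cleartext LDAP and any bind credentials cross
		// the wire unprotected — keep it off untrusted network segments.
		server.Ldap("tcp", ldapAddr)
	}()
	wg.Wait()
}

// ensureEmptyPrefix returns prefixes with the empty prefix "" guaranteed to
// be present: the input is returned unchanged when it already contains "",
// otherwise "" is prepended. A nil or empty input yields []string{""}.
func ensureEmptyPrefix(prefixes []string) []string {
	for _, p := range prefixes {
		if p == "" {
			return prefixes
		}
	}
	return append([]string{""}, prefixes...)
}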