ldapserver, directoryserver: all traces
+16
-16
@@ -16,7 +16,7 @@ import shellModule from './shell.js';
|
||||
import users from './users.js';
|
||||
import util from 'node:util';
|
||||
|
||||
const { log } = logger('directoryserver');
|
||||
const { trace } = logger('directoryserver');
|
||||
const shell = shellModule('directoryserver');
|
||||
|
||||
|
||||
@@ -57,7 +57,7 @@ async function validateConfig(config) {
|
||||
}
|
||||
|
||||
async function authorize(req, res, next) {
|
||||
log('authorize: ', req.connection.ldap.bindDN.toString());
|
||||
trace('authorize: ', req.connection.ldap.bindDN.toString());
|
||||
|
||||
// this is for connection attempts without previous bind
|
||||
if (req.connection.ldap.bindDN.equals('cn=anonymous')) return next(new ldap.InsufficientAccessRightsError());
|
||||
@@ -69,7 +69,7 @@ async function authorize(req, res, next) {
|
||||
}
|
||||
|
||||
async function maybeRootDSE(req, res, next) {
|
||||
log(`maybeRootDSE: requested with scope:${req.scope} dn:${req.dn.toString()}`);
|
||||
trace(`maybeRootDSE: requested with scope:${req.scope} dn:${req.dn.toString()}`);
|
||||
|
||||
if (req.scope !== 'base') return next(new ldap.NoSuchObjectError()); // per the spec, rootDSE search require base scope
|
||||
if (!req.dn || req.dn.toString() !== '') return next(new ldap.NoSuchObjectError());
|
||||
@@ -126,7 +126,7 @@ async function userAuth(req, res, next) {
|
||||
async function stop() {
|
||||
if (!gServer) return;
|
||||
|
||||
log('stopping server');
|
||||
trace('stopping server');
|
||||
|
||||
await util.promisify(gServer.close.bind(gServer))();
|
||||
gServer = null;
|
||||
@@ -192,7 +192,7 @@ function finalSend(results, req, res, next) {
|
||||
|
||||
// Will attach req.user if successful
|
||||
async function userSearch(req, res, next) {
|
||||
log('user search: dn %s, scope %s, filter %s (from %s)', req.dn.toString(), req.scope, req.filter.toString(), req.connection.ldap.id);
|
||||
trace('user search: dn %s, scope %s, filter %s (from %s)', req.dn.toString(), req.scope, req.filter.toString(), req.connection.ldap.id);
|
||||
|
||||
const [error, allUsers] = await safe(users.list());
|
||||
if (error) return next(new ldap.OperationsError(error.message));
|
||||
@@ -248,7 +248,7 @@ async function userSearch(req, res, next) {
|
||||
}
|
||||
|
||||
async function groupSearch(req, res, next) {
|
||||
log('group search: dn %s, scope %s, filter %s (from %s)', req.dn.toString(), req.scope, req.filter.toString(), req.connection.ldap.id);
|
||||
trace('group search: dn %s, scope %s, filter %s (from %s)', req.dn.toString(), req.scope, req.filter.toString(), req.connection.ldap.id);
|
||||
|
||||
const [error, allUsers] = await safe(users.list());
|
||||
if (error) return next(new ldap.OperationsError(error.message));
|
||||
@@ -292,10 +292,10 @@ async function start() {
|
||||
const ldapLogger = {
|
||||
trace: NOOP,
|
||||
debug: NOOP,
|
||||
info: log,
|
||||
warn: log,
|
||||
error: log,
|
||||
fatal: log
|
||||
info: trace,
|
||||
warn: trace,
|
||||
error: trace,
|
||||
fatal: trace
|
||||
};
|
||||
|
||||
gCertificate = await reverseProxy.getDirectoryServerCertificate();
|
||||
@@ -307,11 +307,11 @@ async function start() {
|
||||
});
|
||||
|
||||
gServer.on('error', function (error) {
|
||||
log('server startup error: %o', error);
|
||||
trace('server startup error: %o', error);
|
||||
});
|
||||
|
||||
gServer.bind('ou=system,dc=cloudron', async function(req, res, next) {
|
||||
log('system bind: %s (from %s)', req.dn.toString(), req.connection.ldap.id);
|
||||
trace('system bind: %s (from %s)', req.dn.toString(), req.connection.ldap.id);
|
||||
|
||||
const config = await getConfig();
|
||||
|
||||
@@ -340,11 +340,11 @@ async function start() {
|
||||
|
||||
// just log that an attempt was made to unknown route, this helps a lot during app packaging
|
||||
gServer.use(function(req, res, next) {
|
||||
log('not handled: dn %s, scope %s, filter %s (from %s)', req.dn ? req.dn.toString() : '-', req.scope, req.filter ? req.filter.toString() : '-', req.connection.ldap.id);
|
||||
trace('not handled: dn %s, scope %s, filter %s (from %s)', req.dn ? req.dn.toString() : '-', req.scope, req.filter ? req.filter.toString() : '-', req.connection.ldap.id);
|
||||
return next();
|
||||
});
|
||||
|
||||
log(`starting server on port ${constants.USER_DIRECTORY_LDAPS_PORT}`);
|
||||
trace(`starting server on port ${constants.USER_DIRECTORY_LDAPS_PORT}`);
|
||||
await util.promisify(gServer.listen.bind(gServer))(constants.USER_DIRECTORY_LDAPS_PORT, '::');
|
||||
}
|
||||
|
||||
@@ -397,11 +397,11 @@ async function checkCertificate() {
|
||||
|
||||
const certificate = await reverseProxy.getDirectoryServerCertificate();
|
||||
if (certificate.cert === gCertificate.cert) {
|
||||
log('checkCertificate: certificate has not changed');
|
||||
trace('checkCertificate: certificate has not changed');
|
||||
return;
|
||||
}
|
||||
|
||||
log('checkCertificate: certificate changed. restarting');
|
||||
trace('checkCertificate: certificate changed. restarting');
|
||||
await stop();
|
||||
await start();
|
||||
}
|
||||
|
||||
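Review bot: In the `ldapLogger` object in start(), `warn`, `error` and `fatal` are mapped to `trace` together with `info`, and the `gServer.on('error', …)` handler a few lines below also reports through `trace`, so LDAP library errors and listener failures get the same severity as routine search chatter. If trace output is filtered or disabled in production (the logger module is not shown here, so this is an assumption), those failures would drop out of the logs, along with the `authorize:` and `system bind:` lines that record which DN tried to bind from which connection and that an operator needs for incident review. Consider keeping a higher-severity function for these, e.g. `const { log, trace } = logger('directoryserver');` with `warn: log, error: log, fatal: log`, provided the logger still exports `log`. The page has lost its +/- markers, so this reads the `trace` lines as the new side based on the commit title. The body of start() begins and ends outside the hunks shown.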