jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Revert "Limit ldap queries per client to 60 per minute"

Browse Source 
This reverts commit 466dfdf81f.
This commit is contained in:
Johannes Zellner
2017-03-22 19:01:13 +01:00
parent 0e7efa77a5
commit c905adde1e
1 changed files with 9 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
src/ldap.js
View File

@@ -16,7 +16,6 @@ var assert = require('assert'),
UserError = user.UserError,
ldap = require('ldapjs'),
mailboxdb = require('./mailboxdb.js'),
rateLimit = require('ldapjs-rate-limit'),
safe = require('safetydance');
var gServer = null;
@@ -346,30 +345,27 @@ function start(callback) {
fatal: console.error
};
// This allows 60 requests per minute per client (ip) and does not delay any in between
var limit = rateLimit({ max: 60, windowMs: 60000, delayAfter: 0 });
gServer = ldap.createServer({ log: logger });
gServer.search('ou=users,dc=cloudron', limit, userSearch);
gServer.search('ou=groups,dc=cloudron', limit, groupSearch);
gServer.bind('ou=users,dc=cloudron', limit, authenticateUser, authorizeUserForApp);
gServer.search('ou=users,dc=cloudron', userSearch);
gServer.search('ou=groups,dc=cloudron', groupSearch);
gServer.bind('ou=users,dc=cloudron', authenticateUser, authorizeUserForApp);
// http://www.ietf.org/proceedings/43/I-D/draft-srivastava-ldap-mail-00.txt
gServer.search('ou=mailboxes,dc=cloudron', limit, mailboxSearch);
gServer.search('ou=mailaliases,dc=cloudron', limit, mailAliasSearch);
gServer.search('ou=mailinglists,dc=cloudron', limit, mailingListSearch);
gServer.search('ou=mailboxes,dc=cloudron', mailboxSearch);
gServer.search('ou=mailaliases,dc=cloudron', mailAliasSearch);
gServer.search('ou=mailinglists,dc=cloudron', mailingListSearch);
gServer.bind('ou=mailboxes,dc=cloudron', limit, authenticateMailbox);
gServer.bind('ou=mailboxes,dc=cloudron', authenticateMailbox);
// this is the bind for addons (after bind, they might search and authenticate)
gServer.bind('ou=addons,dc=cloudron', limit, function(req, res, next) {
gServer.bind('ou=addons,dc=cloudron', function(req, res, next) {
debug('addons bind: %s', req.dn.toString()); // note: cn can be email or id
res.end();
});
// this is the bind for apps (after bind, they might search and authenticate user)
gServer.bind('ou=apps,dc=cloudron', limit, function(req, res, next) {
gServer.bind('ou=apps,dc=cloudron', function(req, res, next) {
// TODO: validate password
debug('application bind: %s', req.dn.toString());
res.end();