X-Git-Url: http://git.rot13.org/?p=virtual-ldap;a=blobdiff_plain;f=bin%2Fldap-rewrite.pl;h=4e2d55e672cae29a74cb75594fa808ceede97578;hp=ebf25b2815505734b7bf4b0bc030fc5fd77519c2;hb=1372374f7304912d81029a3a3b3f0a935e9b9fa0;hpb=5452f16234fdd8148ebb72982b831e27fcb8c267
diff --git a/bin/ldap-rewrite.pl b/bin/ldap-rewrite.pl
index ebf25b2..4e2d55e 100755
--- a/bin/ldap-rewrite.pl
+++ b/bin/ldap-rewrite.pl
@@ -9,12 +9,29 @@ use warnings;
 use IO::Select;
 use IO::Socket;
+use IO::Socket::SSL;
 use warnings;
 use Data::Dump qw/dump/;
 use Convert::ASN1 qw(asn_read);
 use Net::LDAP::ASN qw(LDAPRequest LDAPResponse);
 our $VERSION = '0.2';
 use fields qw(socket target);
+use YAML qw/LoadFile/;
+
+my $config = {
+ yaml_dir => './yaml/',
+ listen => 'localhost:1389',
+ upstream_ldap => 'ldap.ffzg.hr',
+ upstream_ssl => 1,
+ overlay_prefix => 'ffzg-',
+
+};
+
+if ( ! -d $config->{yaml_dir} ) {
+ warn "DISABLE ", $config->{yaml_dir}," data overlay";
+}
+
+warn "# config = ",dump( $config );
 sub handle {
 my $clientsocket=shift;
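Review bot: The `-d $config->{yaml_dir}` check only prints "DISABLE"; nothing is switched off, so the overlay lookup added to log_response later in this commit still probes the missing directory for every search entry. Recording the decision would make the message true, for example `$config->{yaml_dir} = undef;` inside the `if`, with log_response testing `defined $config->{yaml_dir}` before it builds `$path`. The default `'./yaml/'` is also relative to the working directory at start-up, which is worth stating in a comment next to the key.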
@@ -62,24 +79,48 @@ sub log_response { Convert::ASN1::asn_hexdump(\*STDOUT,$pdu); print "Response Perl:\n"; my $response = $LDAPResponse->decode($pdu); - print dump($response); if ( defined $response->{protocolOp}->{searchResEntry} ) { my $uid = $response->{protocolOp}->{searchResEntry}->{objectName}; warn "## SEARCH $uid"; + + my @attrs; + map { - if ( $_->{type} eq 'postalAddress' ) { - $_->{vals} = [ 'foobar' ]; + if ( $_->{type} eq 'hrEduPersonUniqueNumber' ) { + foreach my $val ( @{ $_->{vals} } ) { + next if $val !~ m{.+:.+}; + my ( $n, $v ) = split(/\s*:\s*/, $val ); + push @attrs, { type => $_->{type} . '_' . $n, vals => [ $v ] }; + } } } @{ $response->{protocolOp}->{searchResEntry}->{attributes} }; - push @{ $response->{protocolOp}->{searchResEntry}->{attributes} }, - { type => 'ffzg-datum_rodjenja', vals => [ '2009-01-01' ], } - ; + warn "# ++ attrs ",dump( @attrs ); + + push @{ $response->{protocolOp}->{searchResEntry}->{attributes} }, $_ foreach @attrs; + + my $path = $config->{yaml_dir} . "$uid.yaml"; + if ( -e $path ) { + my $data = LoadFile($path); + warn "# yaml = ",dump($data); + + foreach my $type ( keys %$data ) { + + my $vals = $data->{$type}; + + push @{ $response->{protocolOp}->{searchResEntry}->{attributes} }, { + type => $config->{overlay_prefix} . $type, + vals => ref($vals) eq 'ARRAY' ? $vals : [ $vals ], + }; + } + } $pdu = $LDAPResponse->encode($response); } + print dump($response); + return $pdu; } @@ -90,6 +131,10 @@ sub run_proxy { die "Could not create listener socket: $!\n" unless $listenersock; die "Could not create connection to server: $!\n" unless $targetsock; + # mark sockets as binary + binmode( $listenersock ); + binmode( $targetsock ); + my $sel = IO::Select->new($listenersock); my %Handlers; while (my @ready = $sel->can_read) { 
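Review bot: `$path` is built by concatenating `$uid`, the `objectName` taken from the decoded upstream response, straight into a file name, so a DN containing `/` or `../` components resolves to something other than a file directly under `yaml_dir`. A guard on the existing test keeps the lookup inside the directory: `if ( $uid !~ m{[/\0]} && -e $path ) {`. In the `hrEduPersonUniqueNumber` loop, `split(/\s*:\s*/, $val )` assigned to two variables discards everything after a second colon; `split(/\s*:\s*/, $val, 2 )` keeps the whole value. log_response begins above the hunk.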
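Review bot: `binmode( $listenersock )` changes only the listening handle, and whether the sockets handed back by `accept` get the same treatment cannot be seen here because the accept loop lies below the hunk. If the aim is byte-exact LDAP PDUs in both directions, `binmode` probably also needs to be called on each accepted client handle right after `accept`. run_proxy starts above and continues below the hunk.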
@@ -116,15 +161,18 @@ my $listenersock = IO::Socket::INET->new(
 Listen => 5,
 Proto => 'tcp',
 Reuse => 1,
- LocalPort => 1389
+ LocalAddr => $config->{listen},
 );
-my $targetsock = new IO::Socket::INET (
- Proto => 'tcp',
- PeerAddr => 'ldap.ffzg.hr',
- PeerPort => 389,
-);
+my $targetsock = $config->{upstream_ssl}
+ ? IO::Socket::INET->new(
+ Proto => 'tcp',
+ PeerAddr => $config->{upstream_ldap},
+ PeerPort => 389,
+ )
+ : IO::Socket::SSL->new( $config->{upstream_ldap} . ':ldaps')
+ ;
 run_proxy($listenersock,$targetsock);
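Review bot: The branches of the `$config->{upstream_ssl}` ternary are swapped: a true value selects the plain `IO::Socket::INET` connection on port 389 and a false value selects `IO::Socket::SSL`, so the default `upstream_ssl => 1` from the config block leaves the upstream leg unencrypted. The TLS branch also passes no verification options, and depending on the installed IO::Socket::SSL version the server certificate may then go unchecked. The version below swaps the branches and asks for peer and hostname verification explicitly.

```perl
my $targetsock = $config->{upstream_ssl}
    ? IO::Socket::SSL->new(
        PeerAddr           => $config->{upstream_ldap} . ':ldaps',
        SSL_verify_mode    => SSL_VERIFY_PEER,
        SSL_verifycn_scheme => 'ldap',
    )
    : IO::Socket::INET->new(
        Proto    => 'tcp',
        PeerAddr => $config->{upstream_ldap},
        PeerPort => 389,
    )
    ;
```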