use log rather than fmt
@@ -5,6 +5,7 @@ import (
|
|||||||
"crypto/x509"
|
"crypto/x509"
|
||||||
"encoding/pem"
|
"encoding/pem"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"log"
|
||||||
"os"
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"strings"
|
"strings"
|
||||||
@@ -31,7 +32,7 @@ func GetFilePath(path string) string {
|
|||||||
|
|
||||||
// check if filename exists
|
// check if filename exists
|
||||||
if _, err := os.Stat(path); os.IsNotExist((err)) {
|
if _, err := os.Stat(path); os.IsNotExist((err)) {
|
||||||
fmt.Printf("File '%s' not found, searching in same directory as binary\n", path)
|
log.Printf("File '%s' not found, searching in same directory as binary\n", path)
|
||||||
// if not, check that it exists in the same directory as the currently executing binary
|
// if not, check that it exists in the same directory as the currently executing binary
|
||||||
ex, err2 := os.Executable()
|
ex, err2 := os.Executable()
|
||||||
if err2 != nil {
|
if err2 != nil {
|
||||||
@@ -49,20 +50,20 @@ func LoadLdapCert() {
|
|||||||
// Get a copy of the system defined CA's
|
// Get a copy of the system defined CA's
|
||||||
systemCA, err = x509.SystemCertPool()
|
systemCA, err = x509.SystemCertPool()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Printf("LoadLdapCert error getting system certificate pool : '%s'\n", err)
|
log.Printf("LoadLdapCert error getting system certificate pool : '%s'\n", err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// only try to load certificate from file if the command line argument was specified
|
// only try to load certificate from file if the command line argument was specified
|
||||||
ldapCertFile := os.Getenv("LDAP_TRUST_CERT_FILE")
|
ldapCertFile := os.Getenv("LDAP_TRUST_CERT_FILE")
|
||||||
if ldapCertFile == "" {
|
if ldapCertFile == "" {
|
||||||
fmt.Printf("LoadLdapCert no certificate specified\n")
|
log.Printf("LoadLdapCert no certificate specified\n")
|
||||||
return
|
return
|
||||||
} else {
|
} else {
|
||||||
// Try to read the file
|
// Try to read the file
|
||||||
cf, err := os.ReadFile(GetFilePath(ldapCertFile))
|
cf, err := os.ReadFile(GetFilePath(ldapCertFile))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Printf("LoadLdapCert error opening LDAP certificate file '%s' : '%s'\n", ldapCertFile, err)
|
log.Printf("LoadLdapCert error opening LDAP certificate file '%s' : '%s'\n", ldapCertFile, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -72,7 +73,7 @@ func LoadLdapCert() {
|
|||||||
//fmt.Printf("Loaded certificate with subject %s\n", crt.Subject)
|
//fmt.Printf("Loaded certificate with subject %s\n", crt.Subject)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Printf("LoadLdapCert error processing LDAP certificate file '%s' : '%s'\n", ldapCertFile, err)
|
log.Printf("LoadLdapCert error processing LDAP certificate file '%s' : '%s'\n", ldapCertFile, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -88,13 +89,13 @@ func VerifyLdapCreds(username string, password string) bool {
|
|||||||
var err error
|
var err error
|
||||||
ldapServer := os.Getenv("LDAP_BIND_ADDRESS")
|
ldapServer := os.Getenv("LDAP_BIND_ADDRESS")
|
||||||
if ldapServer == "" {
|
if ldapServer == "" {
|
||||||
fmt.Printf("VerifyLdapCreds no LDAP bind address supplied\n")
|
log.Printf("VerifyLdapCreds no LDAP bind address supplied\n")
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
ldapBaseDn := os.Getenv("LDAP_BASE_DN")
|
ldapBaseDn := os.Getenv("LDAP_BASE_DN")
|
||||||
if ldapBaseDn == "" {
|
if ldapBaseDn == "" {
|
||||||
fmt.Printf("VerifyLdapCreds no LDAP base DN supplied\n")
|
log.Printf("VerifyLdapCreds no LDAP base DN supplied\n")
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -113,7 +114,7 @@ func VerifyLdapCreds(username string, password string) bool {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Printf("VerifyLdapCreds error connecting to LDAP bind address '%s' : '%s'\n", ldapServer, err)
|
log.Printf("VerifyLdapCreds error connecting to LDAP bind address '%s' : '%s'\n", ldapServer, err)
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -122,10 +123,10 @@ func VerifyLdapCreds(username string, password string) bool {
|
|||||||
// try to bind to AD
|
// try to bind to AD
|
||||||
err = ldaps.Bind(username, password)
|
err = ldaps.Bind(username, password)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Printf("VerifyLdapCreds error binding to LDAP with supplied credentials : '%s'\n", err)
|
log.Printf("VerifyLdapCreds error binding to LDAP with supplied credentials : '%s'\n", err)
|
||||||
return false
|
return false
|
||||||
} else {
|
} else {
|
||||||
fmt.Printf("VerifyLdapCreds successfully bound to LDAP\n")
|
log.Printf("VerifyLdapCreds successfully bound to LDAP\n")
|
||||||
}
|
}
|
||||||
|
|
||||||
searchReq := ldap.NewSearchRequest(
|
searchReq := ldap.NewSearchRequest(
|
||||||
@@ -141,11 +142,11 @@ func VerifyLdapCreds(username string, password string) bool {
|
|||||||
)
|
)
|
||||||
result, err := ldaps.Search(searchReq)
|
result, err := ldaps.Search(searchReq)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Printf("VerifyLdapCreds search error : '%s'\n", err)
|
log.Printf("VerifyLdapCreds search error : '%s'\n", err)
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
fmt.Printf("result: %v\n", result)
|
log.Printf("result: %v\n", result)
|
||||||
|
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
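Review bot: `log.Printf("result: %v\n", result)` in the last hunk is debug output that now lands in the regular log on every successful call, and the visible code returns `true` right after it without looking at what the search returned. If the search is meant to confirm the user or a group membership (the request itself is outside the hunks), check the result before returning, for example `if len(result.Entries) == 0 { return false }`, and log only the entry count. Separately, no empty-password guard is visible before `ldaps.Bind(username, password)`; parts of VerifyLdapCreds lie outside the hunks, but if none exists there, add `if password == "" { return false }`, since an LDAP server may accept an empty-password simple bind as an unauthenticated bind and report success.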
@@ -58,6 +58,14 @@ const createSchema string = `
|
|||||||
);
|
);
|
||||||
`
|
`
|
||||||
|
|
||||||
|
const createAudit string = `
|
||||||
|
CREATE TABLE IF NOT EXISTS audit (
|
||||||
|
UserName VARCHAR,
|
||||||
|
EventText VARCHAR,
|
||||||
|
EventTime INTEGER
|
||||||
|
);
|
||||||
|
`
|
||||||
|
|
||||||
// Establish connection to sqlite database
|
// Establish connection to sqlite database
|
||||||
func ConnectDatabase() {
|
func ConnectDatabase() {
|
||||||
var err error
|
var err error
|
||||||
@@ -145,12 +153,18 @@ func CreateTables() {
|
|||||||
}
|
}
|
||||||
schemaCheck, _ := CheckColumnExists("schema", "Version")
|
schemaCheck, _ := CheckColumnExists("schema", "Version")
|
||||||
if !schemaCheck {
|
if !schemaCheck {
|
||||||
if _, err = db.Exec("INSERT INTO schema VALUES(1);"); err != nil {
|
if _, err = db.Exec("INSERT INTO schema VALUES(2);"); err != nil {
|
||||||
log.Printf("Error adding initial schema version : '%s'", err)
|
log.Printf("Error adding initial schema version : '%s'", err)
|
||||||
os.Exit(1)
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Audit log table
|
||||||
|
if _, err = db.Exec(createAudit); err != nil {
|
||||||
|
log.Printf("Error checking audit table : '%s'", err)
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
|
||||||
// Database updates added after initial version released
|
// Database updates added after initial version released
|
||||||
ldapCheck, _ := CheckColumnExists("roles", "LdapGroup")
|
ldapCheck, _ := CheckColumnExists("roles", "LdapGroup")
|
||||||
|
|
||||||
|
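Review bot: The bump to `INSERT INTO schema VALUES(2);` only runs when `schemaCheck` is false, so a database created before this commit keeps version 1 while still receiving the `audit` table from the unconditional `db.Exec(createAudit)` below it. Unless an upgrade step outside this hunk rewrites the stored version, that number will not tell you whether a given database has the audit table. For the table itself, consider declaring the columns `NOT NULL` (`UserName VARCHAR NOT NULL`, `EventText VARCHAR NOT NULL`, `EventTime INTEGER NOT NULL`) so an audit row cannot be stored without an actor or a timestamp. The failure message would also read better as `"Error creating audit table : '%s'"`, since the statement creates rather than checks; CreateTables continues outside the hunk.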