Commit
888a43c8
authored
Jan 13, 2018
by
ale
Add a config toggle to control base64-encoding of keys
parent
29268777
Changes
1
dovecot/keyproxy.go
...
...
@@ -19,6 +19,10 @@ type Config struct {
Shard
string
`yaml:"shard"`
LDAPConfig
*
backend
.
LDAPConfig
`yaml:"ldap"`
Keystore
*
clientutil
.
BackendConfig
`yaml:"keystore"`
// Set this to true if the keys obtained from the backend need
// to be base64-encoded before being sent to Dovecot.
Base64Encode
bool
`yaml:"base64_encode_results"`
}
// Database represents the interface to the underlying backend for
...
...
@@ -55,6 +59,7 @@ type KeyLookupProxy struct {
db
Database
}
// NewKeyLookupProxy returns a KeyLookupProxy with the specified configuration.
func
NewKeyLookupProxy
(
config
*
Config
)
(
*
KeyLookupProxy
,
error
)
{
if
err
:=
config
.
check
();
err
!=
nil
{
return
nil
,
err
...
...
@@ -110,7 +115,7 @@ func (s *KeyLookupProxy) lookupUserdb(ctx context.Context, username string) (int
return
nil
,
false
,
nil
}
log
.
Printf
(
"userdb lookup for %s"
,
username
)
return
&
userdbResponse
{
PublicKey
:
b64encode
(
pub
)},
true
,
nil
return
&
userdbResponse
{
PublicKey
:
s
.
b64encode
(
pub
)},
true
,
nil
}
func
(
s
*
KeyLookupProxy
)
lookupPassdb
(
ctx
context
.
Context
,
username
,
password
string
)
(
interface
{},
bool
,
error
)
{
...
...
@@ -119,7 +124,7 @@ func (s *KeyLookupProxy) lookupPassdb(ctx context.Context, username, password st
priv
,
err
:=
s
.
keystore
.
Get
(
ctx
,
s
.
config
.
Shard
,
username
,
password
)
if
err
==
nil
{
log
.
Printf
(
"passdb lookup for %s (from keystore)"
,
username
)
return
&
passdbResponse
{
PrivateKey
:
b64encode
(
priv
)},
true
,
nil
return
&
passdbResponse
{
PrivateKey
:
s
.
b64encode
(
priv
)},
true
,
nil
}
// Otherwise, fetch encrypted keys from the db and attempt to
...
...
@@ -138,9 +143,12 @@ func (s *KeyLookupProxy) lookupPassdb(ctx context.Context, username, password st
return
nil
,
false
,
err
}
log
.
Printf
(
"passdb lookup for %s (decrypted)"
,
username
)
return
&
passdbResponse
{
PrivateKey
:
b64encode
(
priv
)},
true
,
nil
return
&
passdbResponse
{
PrivateKey
:
s
.
b64encode
(
priv
)},
true
,
nil
}
func
b64encode
(
b
[]
byte
)
string
{
return
base64
.
StdEncoding
.
EncodeToString
(
b
)
func
(
s
*
KeyLookupProxy
)
b64encode
(
b
[]
byte
)
string
{
if
s
.
config
.
Base64Encode
{
return
base64
.
StdEncoding
.
EncodeToString
(
b
)
}
return
string
(
b
)
}
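Review bot: Because `Base64Encode` is a plain `bool`, any existing configuration that lacks `base64_encode_results` now takes the `return string(b)` branch of `(s *KeyLookupProxy) b64encode`, whereas the function it replaces always base64-encoded, so an upgrade silently changes what Dovecot receives for both `PublicKey` and `PrivateKey`. The field comment should state the default and the upgrade impact, e.g. `// Defaults to false: keys are passed through unmodified. Deployments that relied on the previous unconditional encoding must set this to true.`, or the toggle could be inverted so that the zero value keeps the old behaviour. The pass-through branch also converts arbitrary key bytes to a Go string; the response encoder is not visible here, but if it is a text format, key material that is not valid UTF-8 would presumably not round-trip, so it is worth confirming that backends used with the toggle off return text (PEM-style) keys. Since the method no longer always encodes, a name such as `encodeKey` would describe it better than `b64encode`.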