Commit 9906d614 authored by ale's avatar ale

Fix passdb response

Sets 'noauthenticate', and prefixes the private key with the userdb_
prefix as it should.
parent 30cb7a27
Pipeline #1572 passed with stages
in 1 minute and 8 seconds
......@@ -47,7 +47,15 @@ type userdbResponse struct {
}
type passdbResponse struct {
PrivateKey string `json:"mail_crypt_global_private_key"`
PrivateKey string `json:"userdb_mail_crypt_global_private_key"`
NoAuth bool `json:"noauthenticate"`
}
func newPassDBResponse(privateKey string) *passdbResponse {
return &passdbResponse{
PrivateKey: privateKey,
NoAuth: true,
}
}
var passwordSep = "/"
......@@ -126,7 +134,7 @@ func (s *KeyLookupProxy) lookupPassdb(ctx context.Context, username, password st
log.Printf("keystore lookup for %s failed: %v", username, err)
} else {
log.Printf("passdb lookup for %s (from keystore)", username)
return &passdbResponse{PrivateKey: s.b64encode(priv)}, true, nil
return newPassDBResponse(s.b64encode(priv)), true, nil
}
// Otherwise, fetch encrypted keys from the db and attempt to
......@@ -150,7 +158,7 @@ func (s *KeyLookupProxy) lookupPassdb(ctx context.Context, username, password st
return nil, false, err
}
log.Printf("passdb lookup for %s (decrypted)", username)
return &passdbResponse{PrivateKey: s.b64encode(priv)}, true, nil
return newPassDBResponse(s.b64encode(priv)), true, nil
}
func (s *KeyLookupProxy) b64encode(b []byte) string {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment