glauth · mheers · Feb 21, 2024 · Feb 21, 2024
diff --git a/filter.go b/filter.go
@@ -261,18 +261,23 @@ func ServerApplyFilter(f *ber.Packet, entry *Entry) (bool, LDAPResultCode) {
 		}
 		attribute := f.Children[0].Value.(string)
 		value := f.Children[1].Value.(string)
+		if strings.ToLower(attribute) == "dn" {
+			if strings.EqualFold(entry.DN, value) {
+				return true, LDAPResultSuccess
+			}
+		}
 		for _, a := range entry.Attributes {
-			if strings.ToLower(a.Name) == strings.ToLower(attribute) {
+			if strings.EqualFold(a.Name, attribute) {
 				for _, v := range a.Values {
-					if strings.ToLower(v) == strings.ToLower(value) {
+					if strings.EqualFold(v, value) {
 						return true, LDAPResultSuccess
 					}
 				}
 			}
 		}
 	case "Present":
 		for _, a := range entry.Attributes {
-			if strings.ToLower(a.Name) == strings.ToLower(f.Data.String()) {
+			if strings.EqualFold(a.Name, f.Data.String()) {
 				return true, LDAPResultSuccess
 			}
 		}
@@ -318,7 +323,7 @@ func ServerApplyFilter(f *ber.Packet, entry *Entry) (bool, LDAPResultCode) {
 		valueBytes := f.Children[1].Children[0].Data.Bytes()
 		valueLower := strings.ToLower(string(valueBytes[:]))
 		for _, a := range entry.Attributes {
-			if strings.ToLower(a.Name) == strings.ToLower(attribute) {
+			if strings.EqualFold(a.Name, attribute) {
 				for _, v := range a.Values {
 					vLower := strings.ToLower(v)
 					switch f.Children[1].Children[0].Tag {
@@ -363,7 +368,7 @@ func parseFilterObjectClass(f *ber.Packet) (string, error) {
 	switch FilterMap[f.Tag] {
 	case "Equality Match":
 		if len(f.Children) != 2 {
-			return "", errors.New("Equality match must have only two children")
+			return "", errors.New("equality match must have only two children")
 		}
 		attribute := strings.ToLower(f.Children[0].Value.(string))
 		value := f.Children[1].Value.(string)
@@ -392,7 +397,7 @@ func parseFilterObjectClass(f *ber.Packet) (string, error) {
 		}
 	case "Not":
 		if len(f.Children) != 1 {
-			return "", errors.New("Not filter must have only one child")
+			return "", errors.New("not filter must have only one child")
 		}
 		subType, err := parseFilterObjectClass(f.Children[0])
 		if err != nil {

diff --git a/ldap.go b/ldap.go
@@ -7,7 +7,6 @@ package ldap
 import (
 	"errors"
 	"fmt"
-	"io/ioutil"
 	"os"
 
 	ber "github.com/go-asn1-ber/asn1-ber"
@@ -304,7 +303,7 @@ func addDefaultLDAPResponseDescriptions(packet *ber.Packet) {
 }
 
 func DebugBinaryFile(fileName string) error {
-	file, err := ioutil.ReadFile(fileName)
+	file, err := os.ReadFile(fileName)
 	if err != nil {
 		return NewError(ErrorDebugging, err)
 	}

diff --git a/search.go b/search.go
@@ -234,15 +234,9 @@ func (l *Conn) SearchWithPaging(searchRequest *SearchRequest, pagingSize uint32)
 			return searchResult, NewError(ErrorNetwork, errors.New("ldap: packet not received"))
 		}
 
-		for _, entry := range result.Entries {
-			searchResult.Entries = append(searchResult.Entries, entry)
-		}
-		for _, referral := range result.Referrals {
-			searchResult.Referrals = append(searchResult.Referrals, referral)
-		}
-		for _, control := range result.Controls {
-			searchResult.Controls = append(searchResult.Controls, control)
-		}
+		searchResult.Entries = append(searchResult.Entries, result.Entries...)
+		searchResult.Referrals = append(searchResult.Referrals, result.Referrals...)
+		searchResult.Controls = append(searchResult.Controls, result.Controls...)
 
 		l.Debug.Printf("Looking for Paging Control...")
 		pagingResult := FindControl(result.Controls, ControlTypePaging)

diff --git a/server_bind.go b/server_bind.go
@@ -55,7 +55,6 @@ func HandleBindRequest(req *ber.Packet, fns map[string]Binder, conn net.Conn) (r
 		log.Print("SASL authentication is not supported")
 		return LDAPResultInappropriateAuthentication
 	}
-	return LDAPResultOperationsError
 }
 
 func encodeBindResponse(messageID uint64, ldapResultCode LDAPResultCode) *ber.Packet {

diff --git a/server_modify.go b/server_modify.go
@@ -147,7 +147,7 @@ func HandleCompareRequest(req *ber.Packet, boundDN string, fns map[string]Compar
 	if !ok {
 		return LDAPResultProtocolError
 	}
-	compReq.ava = []AttributeValueAssertion{AttributeValueAssertion{attr, val}}
+	compReq.ava = []AttributeValueAssertion{{attr, val}}
 	fnNames := []string{}
 	for k := range fns {
 		fnNames = append(fnNames, k)

diff --git a/server_search_test.go b/server_search_test.go
@@ -221,23 +221,23 @@ type compileSearchFilterTest struct {
 }
 
 var searchFilterTestFilters = []compileSearchFilterTest{
-	compileSearchFilterTest{name: "equalityOk", filterStr: "(uid=ned)", numResponses: "2"},
-	compileSearchFilterTest{name: "equalityNo", filterStr: "(uid=foo)", numResponses: "1"},
-	compileSearchFilterTest{name: "equalityOk", filterStr: "(objectclass=posixaccount)", numResponses: "4"},
-	compileSearchFilterTest{name: "presentEmptyOk", filterStr: "", numResponses: "4"},
-	compileSearchFilterTest{name: "presentOk", filterStr: "(objectclass=*)", numResponses: "4"},
-	compileSearchFilterTest{name: "presentOk", filterStr: "(description=*)", numResponses: "3"},
-	compileSearchFilterTest{name: "presentNo", filterStr: "(foo=*)", numResponses: "1"},
-	compileSearchFilterTest{name: "andOk", filterStr: "(&(uid=ned)(objectclass=posixaccount))", numResponses: "2"},
-	compileSearchFilterTest{name: "andNo", filterStr: "(&(uid=ned)(objectclass=posixgroup))", numResponses: "1"},
-	compileSearchFilterTest{name: "andNo", filterStr: "(&(uid=ned)(uid=trent))", numResponses: "1"},
-	compileSearchFilterTest{name: "orOk", filterStr: "(|(uid=ned)(uid=trent))", numResponses: "3"},
-	compileSearchFilterTest{name: "orOk", filterStr: "(|(uid=ned)(objectclass=posixaccount))", numResponses: "4"},
-	compileSearchFilterTest{name: "orNo", filterStr: "(|(uid=foo)(objectclass=foo))", numResponses: "1"},
-	compileSearchFilterTest{name: "andOrOk", filterStr: "(&(|(uid=ned)(uid=trent))(objectclass=posixaccount))", numResponses: "3"},
-	compileSearchFilterTest{name: "notOk", filterStr: "(!(uid=ned))", numResponses: "3"},
-	compileSearchFilterTest{name: "notOk", filterStr: "(!(uid=foo))", numResponses: "4"},
-	compileSearchFilterTest{name: "notAndOrOk", filterStr: "(&(|(uid=ned)(uid=trent))(!(objectclass=posixgroup)))", numResponses: "3"},
+	{name: "equalityOk", filterStr: "(uid=ned)", numResponses: "2"},
+	{name: "equalityNo", filterStr: "(uid=foo)", numResponses: "1"},
+	{name: "equalityOk", filterStr: "(objectclass=posixaccount)", numResponses: "4"},
+	{name: "presentEmptyOk", filterStr: "", numResponses: "4"},
+	{name: "presentOk", filterStr: "(objectclass=*)", numResponses: "4"},
+	{name: "presentOk", filterStr: "(description=*)", numResponses: "3"},
+	{name: "presentNo", filterStr: "(foo=*)", numResponses: "1"},
+	{name: "andOk", filterStr: "(&(uid=ned)(objectclass=posixaccount))", numResponses: "2"},
+	{name: "andNo", filterStr: "(&(uid=ned)(objectclass=posixgroup))", numResponses: "1"},
+	{name: "andNo", filterStr: "(&(uid=ned)(uid=trent))", numResponses: "1"},
+	{name: "orOk", filterStr: "(|(uid=ned)(uid=trent))", numResponses: "3"},
+	{name: "orOk", filterStr: "(|(uid=ned)(objectclass=posixaccount))", numResponses: "4"},
+	{name: "orNo", filterStr: "(|(uid=foo)(objectclass=foo))", numResponses: "1"},
+	{name: "andOrOk", filterStr: "(&(|(uid=ned)(uid=trent))(objectclass=posixaccount))", numResponses: "3"},
+	{name: "notOk", filterStr: "(!(uid=ned))", numResponses: "3"},
+	{name: "notOk", filterStr: "(!(uid=foo))", numResponses: "4"},
+	{name: "notAndOrOk", filterStr: "(&(|(uid=ned)(uid=trent))(!(objectclass=posixgroup)))", numResponses: "3"},
 	/*
 		compileSearchFilterTest{filterStr: "(sn=Mill*)", filterType: FilterSubstrings},
 		compileSearchFilterTest{filterStr: "(sn=*Mill)", filterType: FilterSubstrings},

diff --git a/server_test.go b/server_test.go
@@ -525,7 +525,6 @@ type bindPanic struct {
 
 func (b bindPanic) Bind(bindDN, bindSimplePw string, conn net.Conn) (LDAPResultCode, error) {
 	panic("test panic at the disco")
-	return LDAPResultInvalidCredentials, nil
 }
 
 type bindCaseInsensitive struct {
@@ -543,31 +542,31 @@ type searchSimple struct {
 
 func (s searchSimple) Search(boundDN string, searchReq SearchRequest, conn net.Conn) (ServerSearchResult, error) {
 	entries := []*Entry{
-		&Entry{"cn=ned,o=testers,c=test", []*EntryAttribute{
-			&EntryAttribute{"cn", []string{"ned"}},
-			&EntryAttribute{"o", []string{"ate"}},
-			&EntryAttribute{"uidNumber", []string{"5000"}},
-			&EntryAttribute{"accountstatus", []string{"active"}},
-			&EntryAttribute{"uid", []string{"ned"}},
-			&EntryAttribute{"description", []string{"ned via sa"}},
-			&EntryAttribute{"objectclass", []string{"posixaccount"}},
+		{"cn=ned,o=testers,c=test", []*EntryAttribute{
+			{"cn", []string{"ned"}},
+			{"o", []string{"ate"}},
+			{"uidNumber", []string{"5000"}},
+			{"accountstatus", []string{"active"}},
+			{"uid", []string{"ned"}},
+			{"description", []string{"ned via sa"}},
+			{"objectclass", []string{"posixaccount"}},
 		}},
-		&Entry{"cn=trent,o=testers,c=test", []*EntryAttribute{
-			&EntryAttribute{"cn", []string{"trent"}},
-			&EntryAttribute{"o", []string{"ate"}},
-			&EntryAttribute{"uidNumber", []string{"5005"}},
-			&EntryAttribute{"accountstatus", []string{"active"}},
-			&EntryAttribute{"uid", []string{"trent"}},
-			&EntryAttribute{"description", []string{"trent via sa"}},
-			&EntryAttribute{"objectclass", []string{"posixaccount"}},
+		{"cn=trent,o=testers,c=test", []*EntryAttribute{
+			{"cn", []string{"trent"}},
+			{"o", []string{"ate"}},
+			{"uidNumber", []string{"5005"}},
+			{"accountstatus", []string{"active"}},
+			{"uid", []string{"trent"}},
+			{"description", []string{"trent via sa"}},
+			{"objectclass", []string{"posixaccount"}},
 		}},
-		&Entry{"cn=randy,o=testers,c=test", []*EntryAttribute{
-			&EntryAttribute{"cn", []string{"randy"}},
-			&EntryAttribute{"o", []string{"ate"}},
-			&EntryAttribute{"uidNumber", []string{"5555"}},
-			&EntryAttribute{"accountstatus", []string{"active"}},
-			&EntryAttribute{"uid", []string{"randy"}},
-			&EntryAttribute{"objectclass", []string{"posixaccount"}},
+		{"cn=randy,o=testers,c=test", []*EntryAttribute{
+			{"cn", []string{"randy"}},
+			{"o", []string{"ate"}},
+			{"uidNumber", []string{"5555"}},
+			{"accountstatus", []string{"active"}},
+			{"uid", []string{"randy"}},
+			{"objectclass", []string{"posixaccount"}},
 		}},
 	}
 	return ServerSearchResult{entries, []string{}, []Control{}, LDAPResultSuccess}, nil
@@ -578,13 +577,13 @@ type searchSimple2 struct {
 
 func (s searchSimple2) Search(boundDN string, searchReq SearchRequest, conn net.Conn) (ServerSearchResult, error) {
 	entries := []*Entry{
-		&Entry{"cn=hamburger,o=testers,c=testz", []*EntryAttribute{
-			&EntryAttribute{"cn", []string{"hamburger"}},
-			&EntryAttribute{"o", []string{"testers"}},
-			&EntryAttribute{"uidNumber", []string{"5000"}},
-			&EntryAttribute{"accountstatus", []string{"active"}},
-			&EntryAttribute{"uid", []string{"hamburger"}},
-			&EntryAttribute{"objectclass", []string{"posixaccount"}},
+		{"cn=hamburger,o=testers,c=testz", []*EntryAttribute{
+			{"cn", []string{"hamburger"}},
+			{"o", []string{"testers"}},
+			{"uidNumber", []string{"5000"}},
+			{"accountstatus", []string{"active"}},
+			{"uid", []string{"hamburger"}},
+			{"objectclass", []string{"posixaccount"}},
 		}},
 	}
 	return ServerSearchResult{entries, []string{}, []Control{}, LDAPResultSuccess}, nil
@@ -594,9 +593,7 @@ type searchPanic struct {
 }
 
 func (s searchPanic) Search(boundDN string, searchReq SearchRequest, conn net.Conn) (ServerSearchResult, error) {
-	entries := []*Entry{}
 	panic("this is a test panic")
-	return ServerSearchResult{entries, []string{}, []Control{}, LDAPResultSuccess}, nil
 }
 
 type searchControls struct {
@@ -606,12 +603,12 @@ func (s searchControls) Search(boundDN string, searchReq SearchRequest, conn net
 	entries := []*Entry{}
 	if len(searchReq.Controls) == 1 && searchReq.Controls[0].GetControlType() == "1.2.3.4.5" {
 		newEntry := &Entry{"cn=hamburger,o=testers,c=testz", []*EntryAttribute{
-			&EntryAttribute{"cn", []string{"hamburger"}},
-			&EntryAttribute{"o", []string{"testers"}},
-			&EntryAttribute{"uidNumber", []string{"5000"}},
-			&EntryAttribute{"accountstatus", []string{"active"}},
-			&EntryAttribute{"uid", []string{"hamburger"}},
-			&EntryAttribute{"objectclass", []string{"posixaccount"}},
+			{"cn", []string{"hamburger"}},
+			{"o", []string{"testers"}},
+			{"uidNumber", []string{"5000"}},
+			{"accountstatus", []string{"active"}},
+			{"uid", []string{"hamburger"}},
+			{"objectclass", []string{"posixaccount"}},
 		}}
 		entries = append(entries, newEntry)
 	}
@@ -623,14 +620,14 @@ type searchCaseInsensitive struct {
 
 func (s searchCaseInsensitive) Search(boundDN string, searchReq SearchRequest, conn net.Conn) (ServerSearchResult, error) {
 	entries := []*Entry{
-		&Entry{"cn=CASE,o=testers,c=test", []*EntryAttribute{
-			&EntryAttribute{"cn", []string{"CaSe"}},
-			&EntryAttribute{"o", []string{"ate"}},
-			&EntryAttribute{"uidNumber", []string{"5005"}},
-			&EntryAttribute{"accountstatus", []string{"active"}},
-			&EntryAttribute{"uid", []string{"trent"}},
-			&EntryAttribute{"description", []string{"trent via sa"}},
-			&EntryAttribute{"objectclass", []string{"posixaccount"}},
+		{"cn=CASE,o=testers,c=test", []*EntryAttribute{
+			{"cn", []string{"CaSe"}},
+			{"o", []string{"ate"}},
+			{"uidNumber", []string{"5005"}},
+			{"accountstatus", []string{"active"}},
+			{"uid", []string{"trent"}},
+			{"description", []string{"trent via sa"}},
+			{"objectclass", []string{"posixaccount"}},
 		}},
 	}
 	return ServerSearchResult{entries, []string{}, []Control{}, LDAPResultSuccess}, nil