finga/ldap0r
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Print remote address in Errors

Browse source 
In order to be able to filter in IDS/IPS the source address is now
printed in the logs when an error occurs
This commit is contained in:
finga 2020-07-07 17:34:09 +02:00
parent 7b0e4b4a31
commit 592fed030d
1 changed files with 11 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
src/main.rs
View file

@ -4,9 +4,10 @@
extern crate rocket; extern crate rocket;
use std::collections::{HashMap, HashSet}; use std::collections::{HashMap, HashSet};
use std::net::SocketAddr;
use std::sync::{Arc, Mutex}; use std::sync::{Arc, Mutex};
use anyhow::{anyhow, Result}; use anyhow::{anyhow, bail, Result};
use ldap3::{ use ldap3::{
controls::{MakeCritical, RelaxRules}, controls::{MakeCritical, RelaxRules},
LdapConn, Mod, Scope, SearchEntry, LdapConn, Mod, Scope, SearchEntry,
@ -89,16 +90,16 @@ fn reset_prepare(config: &Ldap0rConfig, keys: &Keys, email_address: &str) -> Res
if result.is_ok() { if result.is_ok() {
info!("Password reset email was sent to '{}'", email_address); info!("Password reset email was sent to '{}'", email_address);
} else { } else {
error!( bail!(
"Sending password reset email with reset URL to '{}' failed", "Sending password reset email with reset URL to '{}' failed",
email_address email_address
); );
} }
} else { } else {
error!("Could not aquire lock for keys"); bail!("Could not aquire lock for keys");
}; };
} else { } else {
error!("Invalid password reset request for '{}'", email_address); bail!("Invalid password reset request for '{}'", email_address);
} }
Ok(()) Ok(())
@ -117,7 +118,8 @@ fn set_password(
if let Ok(mut keys) = keys.lock() { if let Ok(mut keys) = keys.lock() {
let email = keys let email = keys
.get(key) .get(key)
.ok_or_else(|| anyhow!("Could not extract email"))?.to_string(); .ok_or_else(|| anyhow!("Could not extract email"))?
.to_string();
// ldap lookup // ldap lookup
let mut ldap = LdapConn::new(&config.ldap.server)?; let mut ldap = LdapConn::new(&config.ldap.server)?;
@ -215,11 +217,12 @@ fn reset(flash: Option<FlashMessage>) -> Template {
#[post("/reset", data = "<email>")] #[post("/reset", data = "<email>")]
fn reset_email( fn reset_email(
config: State<Ldap0rConfig>, config: State<Ldap0rConfig>,
remote_address: SocketAddr,
keys: State<Keys>, keys: State<Keys>,
email: Form<EmailForm>, email: Form<EmailForm>,
) -> Flash<Redirect> { ) -> Flash<Redirect> {
if let Err(e) = reset_prepare(&config, &keys, &email.email) { if let Err(e) = reset_prepare(&config, &keys, &email.email) {
error!("{}", e); error!("{} from {}", e, remote_address);
} }
Flash::success( Flash::success(
@ -254,6 +257,7 @@ fn reset_key(keys: State<Keys>, key: String, flash: Option<FlashMessage>) -> Opt
#[post("/reset/<key>", data = "<passwords>")] #[post("/reset/<key>", data = "<passwords>")]
fn reset_password( fn reset_password(
config: State<Ldap0rConfig>, config: State<Ldap0rConfig>,
remote_address: SocketAddr,
keys: State<Keys>, keys: State<Keys>,
key: String, key: String,
passwords: Form<PasswordsForm>, passwords: Form<PasswordsForm>,
@ -261,7 +265,7 @@ fn reset_password(
match set_password(&config, &keys, &key, &passwords) { match set_password(&config, &keys, &key, &passwords) {
Ok(flash) => flash, Ok(flash) => flash,
Err(e) => { Err(e) => {
error!("{}", e); error!("{} from {}", e, remote_address);
Flash::error( Flash::error(
Redirect::to(uri!(reset_key: key)), Redirect::to(uri!(reset_key: key)),
"Setting new password failed", "Setting new password failed",