added mysql backend
This commit is contained in:
parent
49f8f88008
commit
a48d74a651
@ -1,5 +1,7 @@
|
||||
version = 0.1
|
||||
service_name = netire-cryptall
|
||||
# available backends: ldap, mysql
|
||||
backend = mysql
|
||||
|
||||
[ldap]
|
||||
host = ldap.exmaple.com
|
||||
@ -8,4 +10,13 @@ bind_dn =
|
||||
bind_pw =
|
||||
search_base = ou=people,dc=user,dc=mc8051,dc=de
|
||||
query_filter = (&(mail=%s)(pgpEnabled=True)(objectClass=person))
|
||||
key_attribute = pgpKey
|
||||
key_attribute = pgpKey
|
||||
|
||||
[mysql]
|
||||
host = sql.exmaple.com
|
||||
port = 3306
|
||||
username =
|
||||
password =
|
||||
database = vmail
|
||||
# use %u as a placeholder for the username and %d as the domain (username@domain.com)
|
||||
query = SELECT pgp_key FROM pgp LEFT JOIN account USING(account_id) LEFT JOIN domain ON account.domain_id = domain.domain_id WHERE username = '%u' AND domain = '%d' and enabled = true
|
||||
|
||||
61
gpgit.go
61
gpgit.go
@ -3,6 +3,7 @@ package main
|
||||
import (
|
||||
"bytes"
|
||||
"crypto/tls"
|
||||
"database/sql"
|
||||
"fmt"
|
||||
"golang.org/x/crypto/openpgp"
|
||||
"io"
|
||||
@ -15,13 +16,14 @@ import (
|
||||
|
||||
"git.gurkengewuerz.de/Gurkengewuerz/go-gpgmime"
|
||||
"github.com/emersion/go-message"
|
||||
_ "github.com/go-sql-driver/mysql"
|
||||
"gopkg.in/ini.v1"
|
||||
"gopkg.in/ldap.v3"
|
||||
)
|
||||
|
||||
var config *ini.File
|
||||
|
||||
func getArmoredKeyRing(recipient *string) (string, error) {
|
||||
func getArmoredKeyRing_ldap(recipient *string) (string, error) {
|
||||
tlsConfig := &tls.Config{
|
||||
InsecureSkipVerify: true,
|
||||
}
|
||||
@ -58,6 +60,63 @@ func getArmoredKeyRing(recipient *string) (string, error) {
|
||||
return entry.GetAttributeValue(keyAttribute), nil
|
||||
}
|
||||
|
||||
type pgpSQL struct {
|
||||
pgpKey string
|
||||
}
|
||||
|
||||
func getArmoredKeyRing_mysql(recipient *string) (string, error) {
|
||||
db, err := sql.Open(
|
||||
"mysql",
|
||||
fmt.Sprintf(
|
||||
"%s:%s@tcp(%s:%s)/%s",
|
||||
config.Section("mysql").Key("username").String(),
|
||||
config.Section("mysql").Key("password").String(),
|
||||
config.Section("mysql").Key("host").String(),
|
||||
config.Section("mysql").Key("port").String(),
|
||||
config.Section("mysql").Key("database").String()))
|
||||
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
components := strings.Split(*recipient, "@")
|
||||
username, domain := components[0], components[1]
|
||||
|
||||
query := config.Section("mysql").Key("query").String()
|
||||
query = strings.Replace(query, "%u", username, 1)
|
||||
query = strings.Replace(query, "%d", domain, 1)
|
||||
|
||||
row := db.QueryRow(query)
|
||||
|
||||
var key pgpSQL
|
||||
err = row.Scan(&key.pgpKey)
|
||||
|
||||
if err == sql.ErrNoRows {
|
||||
return "", fmt.Errorf("no entries for user %s at domain %s", username, domain)
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
err = db.Close()
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
return key.pgpKey, nil
|
||||
}
|
||||
|
||||
func getArmoredKeyRing(recipient *string) (string, error) {
|
||||
backend := strings.ToLower(config.Section("").Key("backend").String())
|
||||
if backend == "ldap" {
|
||||
return getArmoredKeyRing_ldap(recipient)
|
||||
} else if backend == "mysql" {
|
||||
return getArmoredKeyRing_mysql(recipient)
|
||||
}
|
||||
return "", fmt.Errorf("unknown backend option %s", backend)
|
||||
}
|
||||
|
||||
func isPGPMessage(msg string) (bool, error) {
|
||||
matched, err := regexp.MatchString(`-----BEGIN PGP MESSAGE-----[\s\S]+?-----END PGP MESSAGE-----`, msg)
|
||||
return matched, err
|
||||
|
||||
Loading…
Reference in New Issue
Block a user