added mysql backend

Niklas 2019-11-28 17:08:19 +01:00
parent 49f8f88008
commit a48d74a651
2 changed files with 72 additions and 2 deletions


@ -1,5 +1,7 @@
version = 0.1
service_name = netire-cryptall
# available backends: ldap, mysql
backend = mysql
[ldap]
host = ldap.exmaple.com
@ -8,4 +10,13 @@ bind_dn =
bind_pw =
search_base = ou=people,dc=user,dc=mc8051,dc=de
query_filter = (&(mail=%s)(pgpEnabled=True)(objectClass=person))
key_attribute = pgpKey
key_attribute = pgpKey
[mysql]
host = sql.exmaple.com
port = 3306
username =
password =
database = vmail
# use %u as a placeholder for the username and %d as the domain (username@domain.com)
query = SELECT pgp_key FROM pgp LEFT JOIN account USING(account_id) LEFT JOIN domain ON account.domain_id = domain.domain_id WHERE username = '%u' AND domain = '%d' and enabled = true
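Review bot: The sample `host = sql.exmaple.com` in the new `[mysql]` section misspells the reserved documentation domain. `exmaple.com` is an ordinary registrable name, so a deployment that keeps the sample value would try to open its database connection, with whatever credentials are configured, to a host outside the operator's control. Use `host = sql.example.com`. The `[ldap]` host in the context lines of the first hunk carries the same misspelling and is worth correcting in the same change.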


@ -3,6 +3,7 @@ package main
import (
"bytes"
"crypto/tls"
"database/sql"
"fmt"
"golang.org/x/crypto/openpgp"
"io"
@ -15,13 +16,14 @@ import (
"git.gurkengewuerz.de/Gurkengewuerz/go-gpgmime"
"github.com/emersion/go-message"
_ "github.com/go-sql-driver/mysql"
"gopkg.in/ini.v1"
"gopkg.in/ldap.v3"
)
var config *ini.File
func getArmoredKeyRing(recipient *string) (string, error) {
func getArmoredKeyRing_ldap(recipient *string) (string, error) {
tlsConfig := &tls.Config{
InsecureSkipVerify: true,
}
@ -58,6 +60,63 @@ func getArmoredKeyRing(recipient *string) (string, error) {
return entry.GetAttributeValue(keyAttribute), nil
}
type pgpSQL struct {
pgpKey string
}
func getArmoredKeyRing_mysql(recipient *string) (string, error) {
db, err := sql.Open(
"mysql",
fmt.Sprintf(
"%s:%s@tcp(%s:%s)/%s",
config.Section("mysql").Key("username").String(),
config.Section("mysql").Key("password").String(),
config.Section("mysql").Key("host").String(),
config.Section("mysql").Key("port").String(),
config.Section("mysql").Key("database").String()))
if err != nil {
log.Fatal(err)
}
components := strings.Split(*recipient, "@")
username, domain := components[0], components[1]
query := config.Section("mysql").Key("query").String()
query = strings.Replace(query, "%u", username, 1)
query = strings.Replace(query, "%d", domain, 1)
row := db.QueryRow(query)
var key pgpSQL
err = row.Scan(&key.pgpKey)
if err == sql.ErrNoRows {
return "", fmt.Errorf("no entries for user %s at domain %s", username, domain)
}
if err != nil {
log.Fatal(err)
}
err = db.Close()
if err != nil {
log.Fatal(err)
}
return key.pgpKey, nil
}
func getArmoredKeyRing(recipient *string) (string, error) {
backend := strings.ToLower(config.Section("").Key("backend").String())
if backend == "ldap" {
return getArmoredKeyRing_ldap(recipient)
} else if backend == "mysql" {
return getArmoredKeyRing_mysql(recipient)
}
return "", fmt.Errorf("unknown backend option %s", backend)
}
func isPGPMessage(msg string) (bool, error) {
matched, err := regexp.MatchString(`-----BEGIN PGP MESSAGE-----[\s\S]+?-----END PGP MESSAGE-----`, msg)
return matched, err
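Review bot: In `getArmoredKeyRing_mysql` the recipient's local part and domain are spliced into the SQL text with `strings.Replace` before `db.QueryRow(query)`, so a quote character in an address changes the statement itself. The recipient presumably comes from the mail being processed (the caller is not visible here), which makes this SQL injection on untrusted input. Pass the two values as bound arguments instead; the sample `query` in the config then has to use bare `?` placeholders (local part first, then domain) rather than `'%u'` and `'%d'`. The same lines index `components[1]` without checking that the address contains an `@`, which panics on a malformed recipient, and the sketch below guards that as well. Separately, the `sql.ErrNoRows` return skips `db.Close()` and the `log.Fatal` calls end the whole process on a lookup error, so `defer db.Close()` and returned errors would fit the `(string, error)` signature better.

```go
// … unchanged: sql.Open and its error check …
defer db.Close()

components := strings.SplitN(*recipient, "@", 2)
if len(components) != 2 || components[0] == "" || components[1] == "" {
	return "", fmt.Errorf("recipient %q is not a user@domain address", *recipient)
}
username, domain := components[0], components[1]

// The configured query carries two ? placeholders; the driver binds the
// values, so they are never parsed as SQL.
query := config.Section("mysql").Key("query").String()
row := db.QueryRow(query, username, domain)
// … unchanged: Scan into key.pgpKey and the ErrNoRows branch …
```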