auth: add LDAP support

fixes #23
2026-06-15 20:07:55 +08:00 · 2019-08-15 09:34:54 -07:00
parent b82bb2c06a
commit 77dc1b7299
2 changed files with 22 additions and 16 deletions
@@ -18,5 +18,6 @@ var (
 	ErrBadCACert           = errors.New("tls: invalid ca cert")
 	ErrBadUser             = errors.New("ldap: non-existent user")
 	ErrEntriesExceeded     = errors.New("ldap: too many entries returned")
+	ErrLDAPEmptyPassphrase = errors.New("ldap: empty passphrase")
 	ErrLDAPConfig          = errors.New("config: invalid LDAP configuration")
 )
@@ -71,6 +71,11 @@ func (lc *LDAPClient) Connect() error {

 // Authenticate authenticates the user against the ldap backend.
 func (lc *LDAPClient) Authenticate(username, password string) (bool, map[string]string, error) {
+	if password == "" {
+		// RFC 4513 section 5.1.2
+		return false, nil, errors.ErrLDAPEmptyPassphrase
+	}
+
 	err := lc.Connect()
 	if err != nil {
 		return false, nil, err