remove predefined results in favor of LDAPResultCode.AsResult

handler.go

@@ -41,31 +41,38 @@ func (*BaseHandler) Abandon(conn *Conn, msg *Message, messageID MessageID) {
 }
 
 func (*BaseHandler) Add(conn *Conn, msg *Message, req *AddRequest) {
-	conn.SendResult(msg.MessageID, nil, TypeAddResponseOp, UnsupportedOperation)
+	conn.SendResult(msg.MessageID, nil, TypeAddResponseOp,
+		LDAPResultUnwillingToPerform.AsResult("the Add operation not supported by this server"))
 }
 
 func (*BaseHandler) Bind(conn *Conn, msg *Message, req *BindRequest) {
-	conn.SendResult(msg.MessageID, nil, TypeBindResponseOp, UnsupportedOperation)
+	conn.SendResult(msg.MessageID, nil, TypeBindResponseOp,
+		LDAPResultUnwillingToPerform.AsResult("the Bind operation not supported by this server"))
 }
 
 func (*BaseHandler) Compare(conn *Conn, msg *Message, req *CompareRequest) {
-	conn.SendResult(msg.MessageID, nil, TypeCompareResponseOp, UnsupportedOperation)
+	conn.SendResult(msg.MessageID, nil, TypeCompareResponseOp,
+		LDAPResultUnwillingToPerform.AsResult("the Compare operation not supported by this server"))
 }
 
 func (*BaseHandler) Delete(conn *Conn, msg *Message, dn string) {
-	conn.SendResult(msg.MessageID, nil, TypeDeleteResponseOp, UnsupportedOperation)
+	conn.SendResult(msg.MessageID, nil, TypeDeleteResponseOp,
+		LDAPResultUnwillingToPerform.AsResult("the Delete operation not supported by this server"))
 }
 
 func (*BaseHandler) Modify(conn *Conn, msg *Message, req *ModifyRequest) {
-	conn.SendResult(msg.MessageID, nil, TypeModifyResponseOp, UnsupportedOperation)
+	conn.SendResult(msg.MessageID, nil, TypeModifyResponseOp,
+		LDAPResultUnwillingToPerform.AsResult("the Modify operation not supported by this server"))
 }
 
 func (*BaseHandler) ModifyDN(conn *Conn, msg *Message, req *ModifyDNRequest) {
-	conn.SendResult(msg.MessageID, nil, TypeModifyDNResponseOp, UnsupportedOperation)
+	conn.SendResult(msg.MessageID, nil, TypeModifyDNResponseOp,
+		LDAPResultUnwillingToPerform.AsResult("the ModifyDN operation not supported by this server"))
 }
 
 func (*BaseHandler) Search(conn *Conn, msg *Message, req *SearchRequest) {
-	conn.SendResult(msg.MessageID, nil, TypeSearchResultDoneOp, UnsupportedOperation)
+	conn.SendResult(msg.MessageID, nil, TypeSearchResultDoneOp,
+		LDAPResultUnwillingToPerform.AsResult("the Search operation not supported by this server"))
 }
 
 // Implementers should provide their own Extended method that defaults to calling this
@@ -113,5 +120,6 @@ func (*BaseHandler) StartTLS(conn *Conn, msg *Message) {
 }
 
 func (*BaseHandler) Other(conn *Conn, msg *Message) {
-	conn.SendResult(msg.MessageID, nil, BerTypeSequence, UnsupportedOperation)
+	conn.SendResult(msg.MessageID, nil, BerTypeSequence,
+		LDAPResultUnwillingToPerform.AsResult("the requested operation was not recognized"))
 }

result.go

@@ -161,21 +161,3 @@ func (r LDAPResultCode) AsResult(diagnosticMessage string) *Result {
 	}
 	return res
 }
-
-// Result returned for protocol errors
-var ProtocolError = &Result{
-	ResultCode:        LDAPResultProtocolError,
-	DiagnosticMessage: "the server could not understand the request",
-}
-
-// Result returned for unsupported requests
-var UnsupportedOperation = &Result{
-	ResultCode:        LDAPResultUnwillingToPerform,
-	DiagnosticMessage: "the operation requested is not supported by the server",
-}
-
-// Result returned for denied permission
-var PermissionDenied = &Result{
-	ResultCode:        LDAPResultInsufficientAccessRights,
-	DiagnosticMessage: "client has insufficient access rights to the requested resource",
-}

server.go

@@ -156,7 +156,8 @@ func (s *LDAPServer) handleMessage(conn *Conn, msg *Message) {
 		req, err := GetAddRequest(msg.ProtocolOp.Data)
 		if err != nil {
 			log.Println("Error parsing Add request:", err)
-			conn.SendResult(msg.MessageID, nil, TypeAddResponseOp, ProtocolError)
+			conn.SendResult(msg.MessageID, nil, TypeAddResponseOp,
+				LDAPResultProtocolError.AsResult("invalid Add request received"))
 			return
 		}
 		conn.asyncOperations.Add(1)
@@ -168,7 +169,8 @@ func (s *LDAPServer) handleMessage(conn *Conn, msg *Message) {
 		req, err := GetBindRequest(msg.ProtocolOp.Data)
 		if err != nil {
 			log.Println("Error parsing Bind request:", err)
-			conn.SendResult(msg.MessageID, nil, TypeBindResponseOp, ProtocolError)
+			conn.SendResult(msg.MessageID, nil, TypeBindResponseOp,
+				LDAPResultProtocolError.AsResult("invalid Bind request received"))
 			return
 		}
 		conn.asyncOperations.Wait()
@@ -177,7 +179,8 @@ func (s *LDAPServer) handleMessage(conn *Conn, msg *Message) {
 		req, err := GetCompareRequest(msg.ProtocolOp.Data)
 		if err != nil {
 			log.Println("Error parsing Compare request:", err)
-			conn.SendResult(msg.MessageID, nil, TypeCompareResponseOp, ProtocolError)
+			conn.SendResult(msg.MessageID, nil, TypeCompareResponseOp,
+				LDAPResultProtocolError.AsResult("invalid Compare request received"))
 			return
 		}
 		conn.asyncOperations.Add(1)
@@ -196,7 +199,8 @@ func (s *LDAPServer) handleMessage(conn *Conn, msg *Message) {
 		req, err := GetExtendedRequest(msg.ProtocolOp.Data)
 		if err != nil {
 			log.Println("Error parsing Extended request:", err)
-			conn.SendResult(msg.MessageID, nil, TypeExtendedResponseOp, &ExtendedResult{Result: *ProtocolError})
+			conn.SendResult(msg.MessageID, nil, TypeExtendedResponseOp,
+				&ExtendedResult{Result: *LDAPResultProtocolError.AsResult("invalid Extended request received")})
 			return
 		}
 		// This is not concurrent in case it is a StartTLS request
@@ -205,7 +209,8 @@ func (s *LDAPServer) handleMessage(conn *Conn, msg *Message) {
 		req, err := GetModifyRequest(msg.ProtocolOp.Data)
 		if err != nil {
 			log.Println("Error parsing Modify request:", err)
-			conn.SendResult(msg.MessageID, nil, TypeModifyResponseOp, ProtocolError)
+			conn.SendResult(msg.MessageID, nil, TypeModifyResponseOp,
+				LDAPResultProtocolError.AsResult("invalid Modify request received"))
 			return
 		}
 		conn.asyncOperations.Add(1)
@@ -217,7 +222,8 @@ func (s *LDAPServer) handleMessage(conn *Conn, msg *Message) {
 		req, err := GetModifyDNRequest(msg.ProtocolOp.Data)
 		if err != nil {
 			log.Println("Error parsing ModifyDN request:", err)
-			conn.SendResult(msg.MessageID, nil, TypeModifyDNResponseOp, ProtocolError)
+			conn.SendResult(msg.MessageID, nil, TypeModifyDNResponseOp,
+				LDAPResultProtocolError.AsResult("invalid ModifyDN request received"))
 			return
 		}
 		conn.asyncOperations.Add(1)
@@ -229,7 +235,8 @@ func (s *LDAPServer) handleMessage(conn *Conn, msg *Message) {
 		req, err := GetSearchRequest(msg.ProtocolOp.Data)
 		if err != nil {
 			log.Println("Error parsing Search request:", err)
-			conn.SendResult(msg.MessageID, nil, TypeSearchResultDoneOp, &ExtendedResult{Result: *ProtocolError})
+			conn.SendResult(msg.MessageID, nil, TypeSearchResultDoneOp,
+				LDAPResultProtocolError.AsResult("invalid Search request received"))
 			return
 		}
 		conn.asyncOperations.Add(1)

test/main.go

@@ -19,8 +19,12 @@ func main() {
 		log.Println("Error setting up TLS:", err)
 		return
 	}
-	println("Serving.")
-	server.ListenAndServe("localhost:389")
+	log.Println("Serving.")
+	err = server.ListenAndServe("localhost:389")
+	if err != nil {
+		log.Println("Error starting server:", err)
+		return
+	}
 }
 
 type TestHandler struct {
@@ -54,7 +58,9 @@ func (t *TestHandler) Add(conn *ldapserver.Conn, msg *ldapserver.Message, req *l
 	auth := getAuth(conn)
 	if auth != "uid=authorizeduser,ou=users,dc=example,dc=com" {
 		log.Println("Not an authorized connection!", auth)
-		conn.SendResult(msg.MessageID, nil, ldapserver.TypeAddResponseOp, ldapserver.PermissionDenied)
+		conn.SendResult(msg.MessageID, nil, ldapserver.TypeAddResponseOp,
+			ldapserver.LDAPResultInsufficientAccessRights.AsResult(
+				"the connection is not authorized to perform the requested operation"))
 		return
 	}
 	log.Println("Add DN:", req.Entry)
@@ -120,7 +126,9 @@ func (t *TestHandler) Compare(conn *ldapserver.Conn, msg *ldapserver.Message, re
 	auth := getAuth(conn)
 	if auth != "uid=authorizeduser,ou=users,dc=example,dc=com" {
 		log.Println("Not an authorized connection!", auth)
-		conn.SendResult(msg.MessageID, nil, ldapserver.TypeCompareResponseOp, ldapserver.PermissionDenied)
+		conn.SendResult(msg.MessageID, nil, ldapserver.TypeCompareResponseOp,
+			ldapserver.LDAPResultInsufficientAccessRights.AsResult(
+				"the connection is not authorized to perform the requested operation"))
 		return
 	}
 	// Pretend to take a while
@@ -143,7 +151,9 @@ func (t *TestHandler) Delete(conn *ldapserver.Conn, msg *ldapserver.Message, dn
 	auth := getAuth(conn)
 	if auth != "uid=authorizeduser,ou=users,dc=example,dc=com" {
 		log.Println("Not an authorized connection!", auth)
-		conn.SendResult(msg.MessageID, nil, ldapserver.TypeDeleteResponseOp, ldapserver.PermissionDenied)
+		conn.SendResult(msg.MessageID, nil, ldapserver.TypeDeleteResponseOp,
+			ldapserver.LDAPResultInsufficientAccessRights.AsResult(
+				"the connection is not authorized to perform the requested operation"))
 		return
 	}
 	log.Println("Delete DN:", dn)
@@ -158,7 +168,9 @@ func (t *TestHandler) Modify(conn *ldapserver.Conn, msg *ldapserver.Message, req
 	auth := getAuth(conn)
 	if auth != "uid=authorizeduser,ou=users,dc=example,dc=com" {
 		log.Println("Not an authorized connection!", auth)
-		conn.SendResult(msg.MessageID, nil, ldapserver.TypeModifyResponseOp, ldapserver.PermissionDenied)
+		conn.SendResult(msg.MessageID, nil, ldapserver.TypeModifyResponseOp,
+			ldapserver.LDAPResultInsufficientAccessRights.AsResult(
+				"the connection is not authorized to perform the requested operation"))
 		return
 	}
 	log.Println("Modify DN:", req.Object)
@@ -178,7 +190,9 @@ func (t *TestHandler) ModifyDN(conn *ldapserver.Conn, msg *ldapserver.Message, r
 	auth := getAuth(conn)
 	if auth != "uid=authorizeduser,ou=users,dc=example,dc=com" {
 		log.Println("Not an authorized connection!", auth)
-		conn.SendResult(msg.MessageID, nil, ldapserver.TypeModifyResponseOp, ldapserver.PermissionDenied)
+		conn.SendResult(msg.MessageID, nil, ldapserver.TypeModifyResponseOp,
+			ldapserver.LDAPResultInsufficientAccessRights.AsResult(
+				"the connection is not authorized to perform the requested operation"))
 		return
 	}
 	log.Println("Old DN:", req.Object)
@@ -204,12 +218,16 @@ func (t *TestHandler) Search(conn *ldapserver.Conn, msg *ldapserver.Message, req
 	auth := getAuth(conn)
 	if auth != "uid=authorizeduser,ou=users,dc=example,dc=com" {
 		log.Println("Not an authorized connection!", auth)
-		conn.SendResult(msg.MessageID, nil, ldapserver.TypeModifyResponseOp, ldapserver.PermissionDenied)
+		conn.SendResult(msg.MessageID, nil, ldapserver.TypeModifyResponseOp,
+			ldapserver.LDAPResultInsufficientAccessRights.AsResult(
+				"the connection is not authorized to perform the requested operation"))
 		return
 	}
 	if auth != "uid=authorizeduser,ou=users,dc=example,dc=com" {
 		log.Println("Not an authorized connection!", auth)
-		conn.SendResult(msg.MessageID, nil, ldapserver.TypeSearchResultDoneOp, ldapserver.PermissionDenied)
+		conn.SendResult(msg.MessageID, nil, ldapserver.TypeSearchResultDoneOp,
+			ldapserver.LDAPResultInsufficientAccessRights.AsResult(
+				"the connection is not authorized to perform the requested operation"))
 		return
 	}
 	log.Println("Base object:", req.BaseObject)