sdk/ldap: update interface to use DialURL (#20200)
* sdk/ldap: update interface to use DialURL

* Fix scheme

* Fix race condition

* Add tls config dialopt
jasonodonnell committed Apr 17, 2023
1 parent 940a60f commit 4b7c508
Showing 2 changed files with 22 additions and 12 deletions.
21 changes: 19 additions & 2 deletions sdk/helper/ldaputil/client.go
Expand Up @@ -28,6 +28,7 @@ func (c *Client) DialLDAP(cfg *ConfigEntry) (Connection, error) {
var retErr *multierror.Error
var conn Connection
urls := strings.Split(cfg.Url, ",")

for _, uut := range urls {
u, err := url.Parse(uut)
if err != nil {
Expand All @@ -40,12 +41,20 @@ func (c *Client) DialLDAP(cfg *ConfigEntry) (Connection, error) {
}

var tlsConfig *tls.Config
dialer := net.Dialer{
Timeout: time.Duration(cfg.ConnectionTimeout) * time.Second,
}

switch u.Scheme {
case "ldap":
if port == "" {
port = "389"
}
conn, err = c.LDAP.Dial("tcp", net.JoinHostPort(host, port))

fullAddr := fmt.Sprintf("%s://%s", u.Scheme, net.JoinHostPort(host, port))
opt := ldap.DialWithDialer(&dialer)

conn, err = c.LDAP.DialURL(fullAddr, opt)
if err != nil {
break
}
Expand All @@ -68,7 +77,15 @@ func (c *Client) DialLDAP(cfg *ConfigEntry) (Connection, error) {
if err != nil {
break
}
conn, err = c.LDAP.DialTLS("tcp", net.JoinHostPort(host, port), tlsConfig)

fullAddr := fmt.Sprintf("%s://%s", u.Scheme, net.JoinHostPort(host, port))
opt := ldap.DialWithDialer(&dialer)
tls := ldap.DialWithTLSConfig(tlsConfig)

conn, err = c.LDAP.DialURL(fullAddr, opt, tls)
if err != nil {
break
}
default:
retErr = multierror.Append(retErr, fmt.Errorf("invalid LDAP scheme in url %q", net.JoinHostPort(host, port)))
continue
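Review bot: The option variable in the ldaps case, `tls := ldap.DialWithTLSConfig(tlsConfig)`, shadows the imported `crypto/tls` package for the rest of that case block; it compiles only because `tls.` is not referenced after that line, and a later edit needing `tls.Config` there would hit a confusing compile error. Renaming it keeps the package identifier free: `tlsOpt := ldap.DialWithTLSConfig(tlsConfig)` and `conn, err = c.LDAP.DialURL(fullAddr, opt, tlsOpt)`. The `fullAddr`/`opt` construction is repeated identically in the ldap and ldaps cases; a comment above the first occurrence, `// Rebuild the address so the defaulted port is part of the URL handed to DialURL`, would explain why the URL is reassembled from the parsed parts instead of passing cfg.Url through. DialLDAP starts before the first hunk and continues past the last one.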
13 changes: 3 additions & 10 deletions sdk/helper/ldaputil/ldap.go
@@ -1,8 +1,6 @@
package ldaputil

import (
"crypto/tls"

"github.com/go-ldap/ldap/v3"
)

Expand All @@ -13,16 +11,11 @@ func NewLDAP() LDAP {
// LDAP provides ldap functionality, but through an interface
// rather than statically. This allows faking it for tests.
type LDAP interface {
Dial(network, addr string) (Connection, error)
DialTLS(network, addr string, config *tls.Config) (Connection, error)
DialURL(addr string, opts ...ldap.DialOpt) (Connection, error)
}

type ldapIfc struct{}

func (l *ldapIfc) Dial(network, addr string) (Connection, error) {
return ldap.Dial(network, addr)
}

func (l *ldapIfc) DialTLS(network, addr string, config *tls.Config) (Connection, error) {
return ldap.DialTLS(network, addr, config)
func (l *ldapIfc) DialURL(addr string, opts ...ldap.DialOpt) (Connection, error) {
return ldap.DialURL(addr, opts...)
}
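Review bot: Removing `Dial` and `DialTLS` from the exported `LDAP` interface is a breaking change for any out-of-tree implementation or test fake of this sdk interface, and neither the commit description nor the type comment records it; a sentence in the interface comment such as `// Implementations must provide DialURL; the former Dial and DialTLS methods were removed in favour of it.` would make the contract explicit. The new `ldapIfc.DialURL` method also has no doc comment, unlike the interface above it; `// DialURL opens a Connection to addr, forwarding opts to ldap.DialURL.` would match the file's style. Both the interface and the method are complete within the hunk.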
