Altai-man / cro-ldap

LDAP support for the Cro library for building distributed systems in Raku
Artistic License 2.0

.bind hangs on credentials failure #14

Closed jonathanstowe closed 3 years ago

jonathanstowe commented 3 years ago

This might be a server-specific thing, but against a work LDAP server (which may or may not be Microsoft ADFS exposed as LDAP), when an invalid username or password is supplied (it doesn't matter which) to 'bind', it simply hangs.

The output with CRO_TRACE=1 is:

[TRACE(anon 1)] Cro::LDAP::MessageSerializer EMIT TCP Message
  30 1d 02 01 01 60 16 02 01 03 04 06 73 74 6f 77  0....`......stow
  65 6a 80 09 42 61 74 62 75 72 67 65 72 a0 00     ej..Batburger..

[TRACE(anon 1)] Cro::TLS::Connector EMIT TCP Message
  30 84 00 00 00 68 02 01 01 61 84 00 00 00 5f 0a  0....h...a...._.
  01 31 04 00 04 58 38 30 30 39 30 33 30 38 3a 20  .1...X80090308: 
  4c 64 61 70 45 72 72 3a 20 44 53 49 44 2d 30 43  LdapErr: DSID-0C
  30 39 30 34 34 37 2c 20 63 6f 6d 6d 65 6e 74 3a  090447, comment:
  20 41 63 63 65 70 74 53 65 63 75 72 69 74 79 43   AcceptSecurityC
  6f 6e 74 65 78 74 20 65 72 72 6f 72 2c 20 64 61  ontext error, da
  74 61 20 35 32 65 2c 20 76 33 38 33 39 00        ta 52e, v3839.

[TRACE(anon 1)] Cro::LDAP::MessageParser QUIT Earlier failure:
 No value '49' found in enum ResultCode
  in method parse at /home/jonathan/.raku/sources/5B77CEDC072C63049FB1CEA5EFC9158615C0EB51 (ASN::Parser) line 263
  in method parse at /home/jonathan/.raku/sources/5B77CEDC072C63049FB1CEA5EFC9158615C0EB51 (ASN::Parser) line 135
  in block  at /home/jonathan/.raku/sources/5B77CEDC072C63049FB1CEA5EFC9158615C0EB51 (ASN::Parser) line 43
  in method parse at /home/jonathan/.raku/sources/5B77CEDC072C63049FB1CEA5EFC9158615C0EB51 (ASN::Parser) line 24
  in method parse at /home/jonathan/.raku/sources/5B77CEDC072C63049FB1CEA5EFC9158615C0EB51 (ASN::Parser) line 126
  in method parse at /home/jonathan/.raku/sources/5B77CEDC072C63049FB1CEA5EFC9158615C0EB51 (ASN::Parser) line 135
  in block  at /home/jonathan/.raku/sources/5B77CEDC072C63049FB1CEA5EFC9158615C0EB51 (ASN::Parser) line 43
  in method parse at /home/jonathan/.raku/sources/5B77CEDC072C63049FB1CEA5EFC9158615C0EB51 (ASN::Parser) line 24
  in method parse at /home/jonathan/.raku/sources/5B77CEDC072C63049FB1CEA5EFC9158615C0EB51 (ASN::Parser) line 19
  in method process at /home/jonathan/.raku/sources/DB3A44EE41FA87797F54EF60DF716A2F3AEB340F (ASN::Parser::Async) line 26
  in block  at /home/jonathan/devel/raku/3rdparty-modules/cro-ldap/lib/Cro/LDAP/MessageParser.pm6 (Cro::LDAP::MessageParser) line 14
  in block  at /home/jonathan/.raku/sources/6596BC506DFCC07D69A93CD79CFD85375655D19E (Cro) line 379
  in block  at /home/jonathan/.raku/sources/8F9CE57B4C9E54F00938F862E837CA40DCD18536 (Cro::TLS) line 92

Final error:
 Type check failed in assignment to $!result-code; expected ResultCode but got Failure (Failure.new(exceptio...)
  in method parse at /home/jonathan/.raku/sources/5B77CEDC072C63049FB1CEA5EFC9158615C0EB51 (ASN::Parser) line 48
  in method parse at /home/jonathan/.raku/sources/5B77CEDC072C63049FB1CEA5EFC9158615C0EB51 (ASN::Parser) line 126
  in method parse at /home/jonathan/.raku/sources/5B77CEDC072C63049FB1CEA5EFC9158615C0EB51 (ASN::Parser) line 135
  in block  at /home/jonathan/.raku/sources/5B77CEDC072C63049FB1CEA5EFC9158615C0EB51 (ASN::Parser) line 43
  in method parse at /home/jonathan/.raku/sources/5B77CEDC072C63049FB1CEA5EFC9158615C0EB51 (ASN::Parser) line 24
  in method parse at /home/jonathan/.raku/sources/5B77CEDC072C63049FB1CEA5EFC9158615C0EB51 (ASN::Parser) line 19
  in method process at /home/jonathan/.raku/sources/DB3A44EE41FA87797F54EF60DF716A2F3AEB340F (ASN::Parser::Async) line 26
  in block  at /home/jonathan/devel/raku/3rdparty-modules/cro-ldap/lib/Cro/LDAP/MessageParser.pm6 (Cro::LDAP::MessageParser) line 14
  in block  at /home/jonathan/.raku/sources/6596BC506DFCC07D69A93CD79CFD85375655D19E (Cro) line 379
  in block  at /home/jonathan/.raku/sources/8F9CE57B4C9E54F00938F862E837CA40DCD18536 (Cro::TLS) line 92

It looks like there are actually two problems: a) it isn't finding the correct enum for the return code (49 does appear to be present in the ASN grammar you have), and b) the error in the parser isn't being propagated, so the failure to parse the response leaves it waiting for a response it can parse.
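
As an added illustration (not part of this report or of cro-ldap's own code), here is the BindResponse from the CRO_TRACE dump above decoded with a minimal BER reader in Python: it handles the long-form lengths (0x84 ...) the server used, maps resultCode 49 to invalidCredentials, and raises on any code or structure it cannot map instead of leaving the caller waiting. The ResultCode subset and the ProtocolError type are assumptions of the example.

```python
import enum

# BindResponse captured in the CRO_TRACE output above (hex rows transcribed
# from the report; the 0x84 long-form lengths are what the AD server sent).
AD_BIND_RESPONSE = bytes.fromhex("""
30 84 00 00 00 68 02 01 01 61 84 00 00 00 5f 0a
01 31 04 00 04 58 38 30 30 39 30 33 30 38 3a 20
4c 64 61 70 45 72 72 3a 20 44 53 49 44 2d 30 43
30 39 30 34 34 37 2c 20 63 6f 6d 6d 65 6e 74 3a
20 41 63 63 65 70 74 53 65 63 75 72 69 74 79 43
6f 6e 74 65 78 74 20 65 72 72 6f 72 2c 20 64 61
74 61 20 35 32 65 2c 20 76 33 38 33 39 00
""")

class ResultCode(enum.IntEnum):          # subset of the LDAP resultCode table
    success = 0
    invalidCredentials = 49
    insufficientAccessRights = 50

class ProtocolError(Exception):
    """Undecodable response: raised to the caller, never left pending."""

def read_tlv(buf, pos):
    """One BER element -> (tag, contents, next_pos); short or long-form length."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits = byte count
        n = length & 0x7F
        if not 1 <= n <= 4:
            raise ProtocolError(f"bad length encoding at offset {pos - 1}")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ProtocolError("element runs past end of message")
    return tag, buf[pos:pos + length], pos + length

def parse_bind_response(msg):
    """Return (messageID, ResultCode, matchedDN, errorMessage)."""
    tag, body, end = read_tlv(msg, 0)
    if tag != 0x30 or end != len(msg):
        raise ProtocolError("not a single LDAPMessage SEQUENCE")
    id_tag, mid, pos = read_tlv(body, 0)
    op_tag, op, _ = read_tlv(body, pos)
    if id_tag != 0x02 or op_tag != 0x61:   # INTEGER, [APPLICATION 1] BindResponse
        raise ProtocolError(f"expected BindResponse, got op tag 0x{op_tag:02x}")
    tag, code, pos = read_tlv(op, 0)
    raw = int.from_bytes(code, "big")
    if tag != 0x0A or raw not in {m.value for m in ResultCode}:
        # The reported bug: an unknown code became a Failure that nobody
        # propagated, so .bind waited forever. Fail loudly instead.
        raise ProtocolError(f"unknown or malformed resultCode {raw}")
    _, dn, pos = read_tlv(op, pos)
    _, err, _ = read_tlv(op, pos)
    return (int.from_bytes(mid, "big"), ResultCode(raw),
            dn.decode(), err.decode().rstrip("\0"))
```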

Altai-man commented 3 years ago

Thanks for checking it out! I'll look at it soon.

Altai-man commented 3 years ago

This seems to be an issue in Type::EnumHOW.

use Type::EnumHOW;

my %values = a => 1, b => 13;
my $new-enum = Type::EnumHOW.new_type(name => 'NewEnum', :base_type(Int));
$new-enum.^set_package: OUR;
$new-enum.^add_attribute_with_values('$!symbol', %values, :type(Int));
$new-enum.^compose;
$new-enum.^add_enum_values(%values.sort(*.value).map(*.key));
$new-enum.^compose_values;
say OUR::b.value; # is 1, must be 13

And an old one... https://github.com/Kaiepi/p6-Type-EnumHOW/issues/1 Investigating.

UPD: apparently, just me doing it wrong, d'oh.

Altai-man commented 3 years ago

Ping @jonathanstowe Thank you so much for looking at this. I fixed the issue and added a test. I also de-bitrotted the repo a bit and fixed a couple of other issues I found along the way.

I uploaded the updated dependencies; they should be indexed shortly (I hope). I also updated the META to download them, so just doing zef install --deps-only . should get you the fixed version.

Please report any issues of this sort if you have time; they are welcome. Closing, re-open if there's news.

jonathanstowe commented 3 years ago

I'll look tomorrow when I'm on the work VPN. Thanks for looking so quickly.

jonathanstowe commented 3 years ago

Just tested that and it's all good:

[TRACE(anon 1)] Cro::LDAP::MessageParser EMIT LDAP MSG [1] BindResponse
BindResponse+{Cro::LDAP::ControlCarry[List]}.new(result-code => ResultCode::invalidCredentials, matched-dn => "", error-message => "80090308: LdapErr: DSID-0C090447, comment: AcceptSecurityContext error, data 52e, v3839\0", referral => ASNSequenceOf[Any], server-sasl-creds => Any)

Thanks for your help. Now to rework the authentication in my application to use that.