go-ldap / ldap

Basic LDAP v3 functionality for the GO programming language.

reader error: unexpected EOF #488

Closed gibosky closed 3 months ago

gibosky commented 4 months ago

Hi guys!

We developed a solution with connection pooling.

Sometimes, in the search operation, we do not receive any error and do not return any records. When we enabled debug, we identified the following error in the log: "reader error: unexpected EOF".

Code search:

    ...
    pc, err := u.pool.Pull(ctx, pullTimeout)
    if err != nil {
        return nil, err
    }
    // Register the release only after Pull has succeeded.
    defer u.pool.Release(ctx, pc)

    var controls []l.Control
    pc.Debug = true

    searchRequest := l.NewSearchRequest(BaseDN, l.ScopeWholeSubtree,
        l.NeverDerefAliases, sizeLimit, timeLimit, false, filter, attributes, controls)
    sr, err := pc.Search(searchRequest)
    if ldapErr, ok := err.(*l.Error); ok {
        switch ldapErr.ResultCode {
        case l.LDAPResultNoSuchObject:
            return nil, errors.NewLdapNoSuchObjectErr()
        default:
            // ldapErr.Error() is a string; return the error value itself.
            return nil, ldapErr
        }
    }
    if err != nil {
        // Any other error must not fall through to sr.Entries.
        return nil, err
    }
    return &sr.Entries, nil

Error log in debug mode:

    LDAP Request: (Universal, Constructed, Sequence and Sequence of) Len=379 ""
    MessageID: (Universal, Primitive, Integer) Len=1 "4"
    Search Request: (Application, Constructed, 0x03) Len=372 ""
    Base DN: (Universal, Primitive, Octet String) Len=15 "o=banana,dc=mango"
    Scope: (Universal, Primitive, Enumerated) Len=1 "2"
    Deref Aliases: (Universal, Primitive, Enumerated) Len=1 "0"
    Size Limit: (Universal, Primitive, Integer) Len=1 "5"
    Time Limit: (Universal, Primitive, Integer) Len=2 "3000"
    Types Only: (Universal, Primitive, Boolean) Len=1 "false"
    And: (Context, Constructed, 0x00) Len=81 ""
    Equality Match: (Context, Constructed, 0x03) Len=27 ""
    Attribute: (Universal, Primitive, Octet String) Len=15 "accounts"
    Condition: (Universal, Primitive, Octet String) Len=8 "79521703"
    Present: (Context, Primitive, 0x07) Len=13 "clienteStatus"
    Equality Match: (Context, Constructed, 0x03) Len=35 ""
    Attribute: (Universal, Primitive, Octet String) Len=11 "objectclass"
    Condition: (Universal, Primitive, Octet String) Len=20 "inetOrgPerson"
    Attributes: (Universal, Constructed, Sequence and Sequence of) Len=253 ""
    Attribute: (Universal, Primitive, Octet String) Len=2 "cn"
    Attribute: (Universal, Primitive, Octet String) Len=2 "sn"
    Attribute: (Universal, Primitive, Octet String) Len=2 "dn"
    Attribute: (Universal, Primitive, Octet String) Len=9 "givenName"
    Attribute: (Universal, Primitive, Octet String) Len=8 "initials"
    Attribute: (Universal, Primitive, Octet String) Len=4 "name"
    Attribute: (Universal, Primitive, Octet String) Len=12 "userPassword"
    Attribute: (Universal, Primitive, Octet String) Len=15 "createTimestamp"
    Attribute: (Universal, Primitive, Octet String) Len=15 "modifyTimestamp"
    Attribute: (Universal, Primitive, Octet String) Len=11 "objectClass"
    2024/02/28 17:55:50 flags&startTLS = 0
    2024/02/28 17:55:50 4: returning
    2024/02/28 17:55:50 4: waiting for response
    2024/02/28 17:55:50 Sending message 4
    2024/02/28 17:55:50 reader error: unexpected EOF
    2024/02/28 17:55:50 Sending quit message and waiting for confirmation
    2024/02/28 17:55:50 Shutting down - quit message received
    2024/02/28 17:55:50 Closing channel for MessageID 4
    2024/02/28 17:55:50 Closing network connection
    2024/02/28 17:55:50 4: got response 0x0

The reported scenario is only happening in production. We had no problems with homologation.

Code to make the connection:

    func ConnectionWithPool(c *ldap.Configuration) (*Pool, error) {
        p, err := NewPool(&PoolOptions{
            URL: LdapServer,
            BindCredentials: &BindCredentials{
                Username: BindUsername,
                Password: BindPassword},
            ConnectionsCount:  PoolConnections,
            WakeupInterval:    WakeupInterval,
            ConnectionTimeout: ConnectionTimeout})
        if err != nil {
            return nil, err
        }
        return p, nil
    }

    func NewPool(po *PoolOptions) (*Pool, error) {
        var opts []l.DialOpt
        dialer := &net.Dialer{
            KeepAlive: po.WakeupInterval * time.Second,
            Timeout:   po.ConnectionTimeout * time.Second,
        }
        withDialer := l.DialWithDialer(dialer)
        opts = append(opts, withDialer)
        pool := &Pool{
            addr:            po.URL,
            conns:           make(chan *l.Conn, po.ConnectionsCount),
            bindCredentials: po.BindCredentials,
            opts:            opts,
        }
        err := pool.init()
        if err != nil {
            return nil, err
        }
        return pool, nil
    }

    func (p *Pool) open() (*l.Conn, error) {
        conn, err := l.DialURL(p.addr, p.opts...)
        if err != nil {
            return nil, err
        }
        // Connect with TLS.
        // InsecureSkipVerify: true disables certificate and hostname verification,
        // so the server's identity is not checked before the bind below.
        err = conn.StartTLS(&tls.Config{InsecureSkipVerify: true})
        if err != nil {
            conn.Close() // do not leak the socket when the handshake fails
            return nil, err
        }
        if p.bindCredentials != nil {
            err = conn.Bind(p.bindCredentials.Username, p.bindCredentials.Password)
            if err != nil {
                conn.Close() // do not leak the socket when the bind fails
                return nil, err
            }
        }
        return conn, nil
    }

Does anyone know what we did wrong?
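Added example (not part of the original post and not go-ldap code): an "unexpected EOF" on the reader means the byte stream ended before a complete message arrived, and a pooled caller should return that error and discard the connection rather than hand back an empty result. The framing is a simplified tag/length/value format constructed for the example, `readFrame`, `search` and `runScenario` are hypothetical names, and `net.Pipe` stands in for the network peer.

```go
package main

import (
	"fmt"
	"io"
	"net"
)

// readFrame reads one constructed frame: tag byte, length byte, then the content bytes.
func readFrame(r io.Reader) ([]byte, error) {
	hdr := make([]byte, 2)
	if _, err := io.ReadFull(r, hdr); err != nil {
		return nil, err
	}
	body := make([]byte, int(hdr[1]))
	if _, err := io.ReadFull(r, body); err != nil {
		return nil, err // io.ErrUnexpectedEOF if the peer closed mid-message
	}
	return body, nil
}

// search sends req and reads one reply; reusable=false means close the conn, do not pool it.
func search(c net.Conn, req []byte) (body []byte, reusable bool, err error) {
	if _, err = c.Write(req); err != nil {
		return nil, false, err
	}
	if body, err = readFrame(c); err != nil {
		return nil, false, fmt.Errorf("search: connection lost: %w", err)
	}
	return body, true, nil
}

// runScenario plays a hypothetical peer that reads the request, sends peerSends, then closes.
func runScenario(peerSends []byte) ([]byte, bool, error) {
	client, server := net.Pipe()
	defer client.Close()
	req := []byte{0x30, 0x01, 0x04} // constructed request frame
	go func() {
		defer server.Close()
		io.ReadFull(server, make([]byte, len(req))) // consume the request
		server.Write(peerSends)                     // reply, possibly truncated
	}()
	return search(client, req)
}

func main() {
	fmt.Println(runScenario([]byte{0x30, 0x02, 'o', 'k'})) // complete reply
	fmt.Println(runScenario([]byte{0x30, 0x05, 'a', 'b'})) // cut off after 2 of 5 bytes
}
```
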

gibosky commented 3 months ago

I deleted the port on the Sidecar and it resolved it.

t2y commented 3 months ago

@gibosky Use GitHub Discussions next time you have a question like this.