go-ldap / ldap

Basic LDAP v3 functionality for the GO programming language.

DialURL migration problem #523

Closed nabokihms closed 3 months ago

nabokihms commented 3 months ago

Hello! We have a very awkward situation. Because some methods were deprecated, I substituted them with the DialURL alternative.

1.

- conn, err = ldap.Dial("tcp", c.Host)
+ u := url.URL{Scheme: "ldap://", Host: c.Host}
+ conn, err = ldap.DialURL(u.String())
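Review bot: `Scheme: "ldap://"` on the first added line should be the bare scheme, `Scheme: "ldap"`. `url.URL.String()` writes the `:` and `//` separators itself, so as written `u.String()` returns `ldap://://` followed by the host instead of `ldap://` followed by the host, and that malformed string is what `DialURL` receives.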

2.

- conn, err = ldap.DialTLS("tcp", c.Host, c.tlsConfig)
+ u := url.URL{Scheme: "ldaps://", Host: c.Host}
+ conn, err = ldap.DialURL(u.String(), ldap.DialWithTLSConfig(c.tlsConfig))
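Review bot: `Scheme: "ldaps://"` carries the same doubled separator on the TLS path; use `Scheme: "ldaps"`. Both call sites build the URL the same way, so consider a single helper that constructs it, with a unit test comparing `u.String()` against the expected `ldaps://host:port` value, so a malformed address is caught before `DialURL` and `c.tlsConfig` are involved.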

Unfortunately, it broke some users' connections. Could you please point out where I'm wrong?

For the context https://github.com/dexidp/dex/issues/3671 https://github.com/dexidp/dex/commit/63f4410ac1cff2f478b7deb806a386195de4c1b1

nabokihms commented 3 months ago

nvm I managed to find the problem. The scheme must be without ://. Otherwise, the address is e.g. ldap://://ldap.core:1000

The problem I stepped into is that when the URL is invalid, the go-ldap lib falls back to the localhost port (depending on the TLS settings), and my integration tests run ldap on localhost...

Sorry for bothering you.
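An added example, not code from this thread or from go-ldap: it reproduces the malformed string described above and shows a guard that rejects a URL whose parsed host differs from the configured one, so the mistake fails loudly instead of reaching a localhost fallback. `checkLDAPURL` and `ldapURL` are hypothetical helper names; only the standard library is used, and the returned string is what would be passed to `ldap.DialURL`.

```go
package main

import (
	"fmt"
	"net/url"
)

// brokenURL reproduces the construction from the thread: the "://" in Scheme
// is doubled because url.URL.String() adds the separator itself.
func brokenURL(host string) string {
	u := url.URL{Scheme: "ldap://", Host: host}
	return u.String()
}

// checkLDAPURL (hypothetical helper) re-parses raw and rejects it unless the
// scheme is ldap/ldaps and the parsed host is exactly the configured one.
func checkLDAPURL(raw, wantHost string) (string, error) {
	p, err := url.Parse(raw)
	if err != nil {
		return "", fmt.Errorf("invalid LDAP URL %q: %w", raw, err)
	}
	if p.Scheme != "ldap" && p.Scheme != "ldaps" {
		return "", fmt.Errorf("LDAP URL %q: unsupported scheme %q", raw, p.Scheme)
	}
	if p.Hostname() == "" || p.Host != wantHost {
		return "", fmt.Errorf("LDAP URL %q parses to host %q, want %q", raw, p.Host, wantHost)
	}
	return raw, nil
}

// ldapURL (hypothetical helper) builds the URL with a bare scheme and
// validates it, so a bad value fails here instead of at dial time.
func ldapURL(host string, useTLS bool) (string, error) {
	scheme := "ldap"
	if useTLS {
		scheme = "ldaps"
	}
	u := url.URL{Scheme: scheme, Host: host}
	return checkLDAPURL(u.String(), host)
}

func main() {
	const host = "ldap.core:1000" // sample address, same as the one quoted in the thread
	fmt.Println(brokenURL(host))
	_, err := checkLDAPURL(brokenURL(host), host)
	fmt.Println("rejected:", err)
	good, _ := ldapURL(host, false)
	fmt.Println(good)
}
```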