jech
commented
1 year ago Have you managed to get a tcpdump trace?
Closed zerolabnet closed 1 year ago
jech
commented
1 year ago Have you managed to get a tcpdump trace?
zerolabnet
commented
1 year ago Is there any point in trying it? On the test bench it is repeated in different networks with different Galène instances and with different LDAP instances.
jech
commented
1 year ago Galene-ldap is used by default in the Yunohost installation of Galene (https://yunohost.org/fr/app_galene) so we know that it works well for many users.
Your report indicates either that there's something that prevents us from working with LDAP servers other than the one in Yunohost, or that there is something wrong with your network configuration. I'd be glad to work with you in order to debug the issue, but your report does not contain any data I can work with: no tcpdump traces, no LDAP logs, no LDAP schema, no galene-ldap configuration.
Please reopen this issue when you're willing to provide us with data we can work with.
zerolabnet
commented
1 year ago This issue is described here: https://github.com/go-ldap/ldap/issues/113
jech
commented
1 year ago Ah, so you think the connection is getting closed by the server due to inactivity? That would make perfect sense.
zerolabnet
commented
1 year ago I think that's the reason, yes.
jech
commented
1 year ago Could you please try the code in branch "try-again"? It's completely untested, sorry for that.
zerolabnet
commented
1 year ago I'll be sure to check out your version of the fix tomorrow. Thank you very much! I've gotten to that option myself: https://github.com/zerolabnet/galene-ldap/commit/df6c177888c7bcb74a180c576202a2f4549a4701 Could there be any pitfalls with it?
jech
commented
1 year ago Not sure. In general, there is no reliable way to check if a connection is still working without trying it, and since the requests we're sending are idempotent, I suspect it's more reliable to try the request and reconnect (once) if it fails.
zerolabnet
commented
1 year ago I checked your fix, it works perfectly, can be moved to the master branch. Thank you!
jech
commented
1 year ago Merged, thanks for your help. CC @ericgaspar
zerolabnet
commented
1 year ago After another testing I got error:
panic: errors: *target must be interface or implement error
goroutine 6 [running]:
errors.As({0x772f40, 0xc000235ce0}, {0x6ac0c0?, 0xc000235d10?})
/usr/local/go/src/errors/wrap.go:106 +0x4ef
main.verifier(0x0?)
/go/src/galene-ldap/galene-ldap.go:295 +0x195
created by main.main
/go/src/galene-ldap/galene-ldap.go:99 +0x4f1This is after half an hour of not accessing the LDAP server.
jech
commented
1 year ago Hopefully fixed in 18cbd36080bdc7544f340f716a9ac1b31472ed3c. Please test.
zerolabnet
commented
1 year ago I'm running a test. I'll report back in a while.
zerolabnet
commented
1 year ago Now this error: Verify: context canceled
jech
commented
1 year ago Verify: context canceled
This is normal: it indicates that the web browser closed the connection while an LDAP request was in progress. For example, because the user clicked on the stop button or closed the browser's tab.
zerolabnet
commented
1 year ago Unfortunately, login to the group does not happen after the LDAP server has closed the connection. Without any error on the page. Login only when you log in again.
zerolabnet
commented
1 year ago I've rolled back to my solution so far, it's working. https://github.com/zerolabnet/galene-ldap/commit/df6c177888c7bcb74a180c576202a2f4549a4701 I'll wait for a fix from you, I'll test if necessary.
jech
commented
1 year ago Please pull again.
zerolabnet
commented
1 year ago Yes, now worked. Thank you.
jech
commented
1 year ago Thanks for the report, and sorry for the churn.
An error occurs periodically during authentication: LDAP Result Code 200 "Network Error": ldap: connection closed
Tested with several LDAP servers in different networks. Any ideas how to fix it?