Fix scheme for DialURL ldap connection (#3677)

* Use scheme without :// suffix * Make test ldap server listen on custom ports to avoid stepping into go-ldap defaults Signed-off-by: m.nabokikh <[email protected]>
dexidp · Aug 7, 2024 · 54fb570 · 54fb570
1 parent 257a821
commit 54fb570
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 7 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -121,8 +121,8 @@ jobs:
           DEX_ETCD_ENDPOINTS: http://localhost:${{ job.services.etcd.ports[2379] }}
 
           DEX_LDAP_HOST: localhost
-          DEX_LDAP_PORT: 389
-          DEX_LDAP_TLS_PORT: 636
+          DEX_LDAP_PORT: 3890
+          DEX_LDAP_TLS_PORT: 6360
 
           DEX_KEYSTONE_URL: http://localhost:${{ job.services.keystone.ports[5000] }}
           DEX_KEYSTONE_ADMIN_URL: http://localhost:${{ job.services.keystone.ports[35357] }}

diff --git a/connector/ldap/ldap.go b/connector/ldap/ldap.go
@@ -322,10 +322,10 @@ func (c *ldapConnector) do(_ context.Context, f func(c *ldap.Conn) error) error
 
 	switch {
 	case c.InsecureNoSSL:
-		u := url.URL{Scheme: "ldap://", Host: c.Host}
+		u := url.URL{Scheme: "ldap", Host: c.Host}
 		conn, err = ldap.DialURL(u.String())
 	case c.StartTLS:
-		u := url.URL{Scheme: "ldap://", Host: c.Host}
+		u := url.URL{Scheme: "ldap", Host: c.Host}
 		conn, err = ldap.DialURL(u.String())
 		if err != nil {
 			return fmt.Errorf("failed to connect: %v", err)
@@ -334,7 +334,7 @@ func (c *ldapConnector) do(_ context.Context, f func(c *ldap.Conn) error) error
 			return fmt.Errorf("start TLS failed: %v", err)
 		}
 	default:
-		u := url.URL{Scheme: "ldaps://", Host: c.Host}
+		u := url.URL{Scheme: "ldaps", Host: c.Host}
 		conn, err = ldap.DialURL(u.String(), ldap.DialWithTLSConfig(c.tlsConfig))
 	}
 	if err != nil {

diff --git a/docker-compose.test.yaml b/docker-compose.test.yaml
@@ -11,8 +11,8 @@ services:
             LDAP_TLS: "true"
             LDAP_TLS_VERIFY_CLIENT: try
         ports:
-            - 389:389
-            - 636:636
+            - 3890:389
+            - 6360:636
         volumes:
             - ./connector/ldap/testdata/certs:/container/service/slapd/assets/certs
             - ./connector/ldap/testdata/schema.ldif:/container/service/slapd/assets/config/bootstrap/ldif/99-schema.ldif