ldap: change from ping to ldap attempts

ICMP ping might be disabled between the ldap server and OBS. ping test is not very good, as it doesn't tell if LDAP is actually running on the server. Instead just try connecting ldap server until ldap_max_attempts is reached.
openSUSE · Feb 20, 2017 · e9f0f25 · e9f0f25
1 parent fd0674d
commit e9f0f25
Showing 1 changed file with 9 additions and 9 deletions.
diff --git a/src/api/app/models/user_ldap_strategy.rb b/src/api/app/models/user_ldap_strategy.rb
@@ -551,24 +551,24 @@ def self.initialize_ldap_con(user_name, password)
     return unless defined?(CONFIG['ldap_servers'])
     require 'ldap'
     ldap_servers = CONFIG['ldap_servers'].split(":")
-    ping = false
-    server = nil
     count = 0
 
     max_ldap_attempts = CONFIG.has_key?('ldap_max_attempts') ? CONFIG['ldap_max_attempts'] : 10
 
-    while !ping && count < max_ldap_attempts
+    while count < max_ldap_attempts
       count += 1
       server = ldap_servers[rand(ldap_servers.length)]
-      # Ruby only contains TCP echo ping.  Use system ping for real ICMP ping.
-      ping = system("ping", "-c", "1", server)
+      conn = try_ldap_con(server, user_name, password)
+      if !conn.nil? && conn.bound?
+          return conn
+      end
     end
 
-    if count == max_ldap_attempts
-      Rails.logger.debug("Unable to ping to any LDAP server: #{CONFIG['ldap_servers']}")
-      return
-    end
+    Rails.logger.error("Unable to bind to any LDAP server: #{CONFIG['ldap_servers']}")
+    nil
+  end
 
+  def self.try_ldap_con(server, user_name, password)
     # implicitly turn array into string
     user_name = [user_name].flatten.join('')