whimsical-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ru...@apache.org
Subject [whimsy] branch master updated: Prep for separate RO and RW LDAP hosts
Date Sat, 24 Feb 2018 15:36:13 GMT
This is an automated email from the ASF dual-hosted git repository.

rubys pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/whimsy.git


The following commit(s) were added to refs/heads/master by this push:
     new 0965095  Prep for separate RO and RW LDAP hosts
0965095 is described below

commit 09650958096135c38057439461091a720a752914
Author: Sam Ruby <rubys@intertwingly.net>
AuthorDate: Sat Feb 24 10:33:13 2018 -0500

    Prep for separate RO and RW LDAP hosts
    
    The list of RW_HOSTS will be only be used when LDAP is bound to a specific
    user id.  The RO_HOSTS will be used for all other operations.
    
    Fix a problem where the configuration method was picking up the set of LDAP
    servers from /etc/[open]ldap/ldap.config instead of the current set of
    servers.
---
 lib/whimsy/asf/ldap.rb | 24 ++++++++++++++----------
 1 file changed, 14 insertions(+), 10 deletions(-)

diff --git a/lib/whimsy/asf/ldap.rb b/lib/whimsy/asf/ldap.rb
index ff3677c..f8b5c14 100644
--- a/lib/whimsy/asf/ldap.rb
+++ b/lib/whimsy/asf/ldap.rb
@@ -47,12 +47,14 @@ module ASF
      # Derived from the following sources:
      # * https://github.com/apache/infrastructure-puppet/blob/deployment/data/common.yaml
(ldapserver::slapd_peers)
      # Updated 2018-02-24
-    HOSTS = %w(
+    RO_HOSTS = %w(
       ldaps://ldap1-ec2-va.apache.org:636
       ldaps://ldap1-il-eu.apache.org:636
       ldaps://ldap2-lw-us.apache.org:636
     )
 
+    RW_HOSTS = RO_HOSTS
+
     # Mutex preventing simultaneous connections to LDAP from a single process
     CONNECT_LOCK = Mutex.new
 
@@ -82,7 +84,9 @@ module ASF
     end
 
     # connect to LDAP
-    def self.connect(test = true)
+    def self.connect(test = true, hosts = nil)
+      hosts ||= self.hosts
+
       # Try each host at most once
       hosts.length.times do
         # Ensure we use each host in turn
@@ -137,7 +141,7 @@ module ASF
       raise ::LDAP::ResultError.new('Unknown user') unless dn
 
       ASF.ldap.unbind if ASF.ldap.bound? rescue nil
-      ldap = ASF.init_ldap(true)
+      ldap = ASF.init_ldap(true, RW_HOSTS)
       if block
         ASF.flush_weakrefs
         ldap.bind(dn, password, &block)
@@ -174,13 +178,13 @@ module ASF
     end
 
     # determine what LDAP hosts are available
-    def self.hosts
+    def self.hosts(use_config = true)
       return @hosts if @hosts # cache the hosts list
       # try whimsy config
       hosts = Array(ASF::Config.get(:ldap))
 
       # check system configuration
-      if hosts.empty?
+      if use_config and hosts.empty?
         conf = "#{ETCLDAP}/ldap.conf"
         if File.exist? conf
           uris = File.read(conf)[/^uri\s+(.*)/i, 1].to_s
@@ -193,7 +197,7 @@ module ASF
 
       # if all else fails, use default list
       Wunderbar.debug "Using default host list" if hosts.empty?
-      hosts = ASF::LDAP::HOSTS if hosts.empty?
+      hosts = ASF::LDAP::RO_HOSTS if hosts.empty?
 
       hosts.shuffle!
       #Wunderbar.debug "Hosts:\n#{hosts.join(' ')}"
@@ -235,7 +239,7 @@ module ASF
       # provide the URIs of the ldap hosts
       content.gsub!(/^URI/, '# URI')
       content += "uri \n" unless content =~ /^uri /
-      content[/uri (.*)\n/, 1] = hosts.join(' ')
+      content[/uri (.*)\n/, 1] = hosts(false).join(' ')
 
       # verify/set the base
       unless content.include? 'base dc=apache'
@@ -281,10 +285,10 @@ module ASF
   end
 
   # public entry point for establishing a connection safely
-  def self.init_ldap(reset = false)
+  def self.init_ldap(reset = false, hosts = nil)
     ASF::LDAP::CONNECT_LOCK.synchronize do
       @ldap = nil if reset
-      @ldap ||= ASF::LDAP.connect(!reset)
+      @ldap ||= ASF::LDAP.connect(!reset, hosts)
     end
   end
 
@@ -1461,7 +1465,7 @@ if __FILE__ == $0
   module ASF
     module LDAP
       def self.getHOSTS # :nodoc:
-        HOSTS
+        RO_HOSTS
       end
     end
   end

-- 
To stop receiving notification emails like this one, please contact
rubys@apache.org.

Mime
View raw message