-
Notifications
You must be signed in to change notification settings - Fork 252
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
support a connection callback for proxies #177
base: master
Are you sure you want to change the base?
Conversation
=== Net::LDAP next | ||
* Minor enhancements: | ||
* Add support for a connection callback, to allow proxies to be used | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you leave this out of the change log for now? We usually update this when we prepare for a release. For example, see #174
@ccutrer thanks for the pull. I like refactoring for |
Not a problem. I was just following the instructions from https://github.com/ruby-ldap/ruby-net-ldap/blob/master/Hacking.rdoc I'm planning on establishing the connection with https://github.com/samuelkadolph/ruby-proxifier. |
Sorry for the terse comment. I was writing it, then realized I was late for a short appointment. I updated the commit to remove the history entry. I plan on using proxifier because in our environment we need to proxy LDAP requests (and LDAP requests only) through a specific server so that clients can whitelist a specific IP address. The application makes many other network requests that need to take the general route over the network for performance reasons, so I need to be able to control LDAP specifically (and without monkey patching all of TCPSocket). |
Nice low hanging fruit refactor, I was about to embark on it myself. Well done. |
Hah, oops. Sorry about that, I didn't see that previously. Great explanation of your reasoning behind the callback. How do you feel about parameterizing the socket passed into connection instead? For example: Net::LDAP.new(:socket => @proxy_socket, ...) @mtodd @schaary could you chime in about allowing callers to customize the socket class? It feels pretty low level, but I think the above use case is reasonable. We can also implement this and maintain backwards compatibility. |
I had originally planned on just passing the socket through, until I realized that there may be 0 or more connections created by a Net::LDAP - i.e. if open is not used, and you call multiple other methods, a new connection is established each time. Re-using the cached @socket would cause errors on the second connection attempt (or waste resources if a connection is never opened and you just always create a Net::LDAP object before you know if you're going to use it). |
@ccutrer good point, but your refactoring of module Net
class LDAP
def initialize(args = {})
@socket = args[:socket]
# snip other ivars
end
def new_connection
socket = @socket || TCPSocket.new(...)
Connection.new(:socket => socket, ....)
end
end
end |
I explored a similar implementation in #135 which allowed users to set a I'm 👎 to adding a callback, but absolutely support the need for more control over the socket. The API that comes to mind looks something like this: ldap = Net::LDAP.new(options)
ldap.open(:socket => TCPSocket.new(ip, port)) do |conn|
conn.search
end This would require I think this is more adaptable, since different socket classes may not have compatible instantiation with Huge 👍 to consolidating connection handling through the |
👍 to a separate PR @mtodd I'm skeptical of duplicating all or any of the initialization options in Taking a step back, I dislike the implicit connection handling in |
#180 for the refactor; I'll rebase this PR on top of that |
1060b0b
to
8705116
Compare
reduces duplicated code, and makes it easier for future changes to connection establishment because it's all in one place now
It shouldn't be necessary since |
Sorry to comment over this old pull request, but I've been having troubles to connect to LDAP through proxy (Nginx + Puma) with ECONNREFUSED error. I don't know why it's taking localhost as default socket, but I want to authenticate to a remote LDAP server and I can't find how is that possible given that it seems impossible to change host and port for connection. Any advice will be truly appreciated. |
also refactors connection establishment to only go through one method