commit: 91d1d7260b7084f59ae42e7c4b46c7fb963fda96
parent af3bf8a4628c0b2981d69f624e3be298adc7dfe6
Author: Mark Felder <feld@feld.me>
Date:   Sun, 15 Sep 2024 23:18:17 -0400
Retain the try do so an LDAP failure can fall back to local database.
This fixes tests but the automatic fallback may not be well documented behavior.
Diffstat:
1 file changed, 26 insertions(+), 22 deletions(-)
diff --git a/lib/pleroma/web/auth/ldap_authenticator.ex b/lib/pleroma/web/auth/ldap_authenticator.ex
@@ -65,30 +65,34 @@ defmodule Pleroma.Web.Auth.LDAPAuthenticator do
 
     case :eldap.open([to_charlist(host)], options) do
       {:ok, connection} ->
-        cond do
-          ssl ->
-            :application.ensure_all_started(:ssl)
-
-          tls ->
-            case :eldap.start_tls(
-                   connection,
-                   tlsopts,
-                   @connection_timeout
-                 ) do
-              :ok ->
-                :ok
-
-              error ->
-                Logger.error("Could not start TLS: #{inspect(error)}")
-                :eldap.close(connection)
-            end
-
-          true ->
-            :ok
+        try do
+          cond do
+            ssl ->
+              :application.ensure_all_started(:ssl)
+
+            tls ->
+              case :eldap.start_tls(
+                     connection,
+                     tlsopts,
+                     @connection_timeout
+                   ) do
+                :ok ->
+                  :ok
+
+                error ->
+                  Logger.error("Could not start TLS: #{inspect(error)}")
+                  :eldap.close(connection)
+              end
+
+            true ->
+              :ok
+          end
+
+          bind_user(connection, ldap, name, password)
+        after
+          :eldap.close(connection)
         end
 
-        bind_user(connection, ldap, name, password)
-
       {:error, error} ->
         Logger.error("Could not open LDAP connection: #{inspect(error)}")
         {:error, {:ldap_connection_error, error}}
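Review bot: In the `tls ->` branch, a failed `:eldap.start_tls/3` is only logged and the handle closed; control then leaves the `cond` and still reaches `bind_user(connection, ldap, name, password)` with that closed handle, and the `after` clause closes it a second time. Whether the password is kept off an unencrypted channel therefore depends on how `:eldap` treats a closed handle, not on an explicit fail-closed return. I would bind the `cond` result and call `bind_user` only on `:ok`, returning the same `{:error, {:ldap_connection_error, error}}` shape the open-failure branch uses. The `try ... after` shown has no `rescue`, so the local-database fallback named in the commit message presumably lives in the caller outside this hunk. Please confirm that it treats this tuple the way you intend, and document the fallback in the module docs.

```elixir
        try do
          tls_setup =
            cond do
              ssl ->
                :application.ensure_all_started(:ssl)
                :ok

              tls ->
                :eldap.start_tls(connection, tlsopts, @connection_timeout)

              true ->
                :ok
            end

          case tls_setup do
            :ok ->
              bind_user(connection, ldap, name, password)

            error ->
              # Fail closed: never attempt the bind when STARTTLS did not complete.
              Logger.error("Could not start TLS: #{inspect(error)}")
              {:error, {:ldap_connection_error, error}}
          end
        after
          :eldap.close(connection)
        end
```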