From 0008480f7bb4e3f4a1506339577cca6b349d1331 Mon Sep 17 00:00:00 2001 From: Daniel Berteaud Date: Thu, 28 Aug 2025 17:00:23 +0200 Subject: [PATCH] Update to 2025-08-28 17:00 --- roles/includes/get_rand_pass.yml | 2 +- roles/lemonldap_ng/files/Web.pm | 18 +++++++++++++++--- roles/lemonldap_ng/tasks/main.yml | 1 + roles/sssd_ldap_auth/defaults/main.yml | 2 +- 4 files changed, 18 insertions(+), 5 deletions(-) diff --git a/roles/includes/get_rand_pass.yml b/roles/includes/get_rand_pass.yml index 4e1b016..df624e7 100644 --- a/roles/includes/get_rand_pass.yml +++ b/roles/includes/get_rand_pass.yml @@ -7,7 +7,7 @@ - openssl when: rand_pass_tools_installed is not defined or not rand_pass_tools_installed -# Mark tool sas installed so we do not check each time, as it can be slow +# Mark tools as installed so we do not check each time, as it can be slow - set_fact: rand_pass_tools_installed=True # Check if a non encrypted file exists. We do it first for backward compatibility diff --git a/roles/lemonldap_ng/files/Web.pm b/roles/lemonldap_ng/files/Web.pm index 5b906b4..637ce3a 100644 --- a/roles/lemonldap_ng/files/Web.pm +++ b/roles/lemonldap_ng/files/Web.pm @@ -22,9 +22,9 @@ sub new { $args->{server} = DEFAULTWS; $logger->info("$pr no server given"); } - elsif ( $args->{server} =~ m#^(?:(?:http|ws)(s)?://)?([^/:]+:[^/:]+)/?$# ) { + elsif ( $args->{server} =~ m#^(?:(?:http|ws)(s)?://)?(.+?)/*$# ) { $args->{server} = $2; - $ssl = 1 if $1; + $ssl = 's' if $1; } else { $logger->error("$pr unparsable server '$args->{server}'"); @@ -108,6 +108,14 @@ sub waitForNextMessage { sub _connect { my ($self) = @_; my ( $host, $port ) = split /:/, $self->{server}; + # Remove any path from host or port + $host =~ s|/.*$||; + $port =~ s|/.*$||; + # If port is not defined, use 80 or 443 + unless ( $port =~ m/^\d+$/ ){ + $port = ( $self->{ssl} eq 's' ) ? 443 : 80; + } + my $sock = IO::Socket::INET->new( PeerHost => $host, PeerPort => $port, 
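Review bot: In roles/lemonldap_ng/files/Web.pm (hunk at -22,9, in `new`), the new pattern `(.+?)/*$` accepts almost any non-empty string, so the `unparsable server` branch below it is close to unreachable and the value is stored without checking that it looks like a host with an optional port and path. That string is later split on `:` in `_connect` and interpolated into the WebSocket URL (hunk at -130,7), so whitespace, `@`, `?` or `#` from a mistyped setting reach both places, and a bracketed IPv6 literal is split at the wrong colon. A tighter pattern keeps the optional port and path while still rejecting junk, for example `m#\A(?:(?:http|ws)(s)?://)?([^/:\s@?\#]+(?::\d+)?(?:/[^\s?\#]*?)?)/*\z#`. `new` starts and ends outside the hunk, so the initial value of `$ssl` is not visible here.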
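Review bot: In `_connect` (Web.pm hunk at -108,6), `$port` is undef whenever the server string contains no colon, so `$port =~ s|/.*$||` and the `m/^\d+$/` test that follows operate on an undefined value and emit warnings when warnings are enabled. The same applies to `$self->{ssl} eq 's'` here and to `"ws$self->{ssl}://..."` in the -130,7 hunk if `ssl` stays unset for plain connections, which cannot be confirmed from these hunks. Defaulting first avoids both: `$port //= '';` before the substitution and `( $self->{ssl} // '' ) eq 's'` in the ternary. The digit test is also looser than it reads, since `$` tolerates a trailing newline and `\d` matches non-ASCII digits; `m/\A\d+\z/a` plus a 1 to 65535 range check states the intent. `_connect` continues outside the hunk.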
@@ -130,7 +138,7 @@ sub _connect { }; $self->logger->debug("$pr connection upgraded to TLS"); } - my $url = "ws" . ($self->{ssl} ? 's' : '') . "://$self->{server}/subscribe?" + my $url = "ws$self->{ssl}://$self->{server}/subscribe?" . build_urlencoded( channels => $self->{channels} ); $self->logger->debug("$pr connects to $url"); my $client = Protocol::WebSocket::Client->new( url => $url ); @@ -180,6 +188,10 @@ sub _connect { $client->connect(); + my $buf; + $sock->sysread( $buf, 4096 ); + $client->read($buf); + $self->{socket} = $sock; $self->{selector} = IO::Select->new($sock); $self->{ws} = $client; diff --git a/roles/lemonldap_ng/tasks/main.yml b/roles/lemonldap_ng/tasks/main.yml index da532d2..40f06f4 100644 --- a/roles/lemonldap_ng/tasks/main.yml +++ b/roles/lemonldap_ng/tasks/main.yml @@ -57,6 +57,7 @@ - name: Install MessageBroker::Web copy: src=Web.pm dest=/usr/share/perl5/vendor_perl/Lemonldap/NG/Common/MessageBroker/Web.pm owner=root group=root mode=644 + notify: "{{ (llng_server == 'nginx' and llng_engine == 'uwsgi') | ternary('reload', 'restart') }} {{ (llng_server == 'nginx') | ternary('llng', 'httpd') }}" tags: web - name: Deploy Lemonldap::NG main configuration diff --git a/roles/sssd_ldap_auth/defaults/main.yml b/roles/sssd_ldap_auth/defaults/main.yml index 93207c6..6ae8785 100644 --- a/roles/sssd_ldap_auth/defaults/main.yml +++ b/roles/sssd_ldap_auth/defaults/main.yml @@ -1,5 +1,5 @@ --- -ldap_auth: true +ldap_auth: false ldap_schema: rfc2307 ldap_modules: - pam
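Review bot: The result of `$sock->sysread( $buf, 4096 )` added after `$client->connect()` (Web.pm hunk at -180,6) is discarded, so a read error (undef) or a peer that closes the connection (0) still falls through to `$client->read($buf)` and the socket is then stored as a working connection. Capture the count and stop when it is not positive, e.g. `my $n = $sock->sysread( $buf, 4096 );` followed by `unless ($n) { $self->logger->error("$pr handshake read failed"); return; }`, adapted to whatever failure path the rest of `_connect` uses, which is outside the hunk. A single read is also not guaranteed to return the complete handshake response, and the call blocks with no timeout visible in the hunk, so an unresponsive endpoint could stall the caller. Waiting for readability with a timeout before reading would bound that.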
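Review bot: Flipping the role default to `ldap_auth: false` in roles/sssd_ldap_auth/defaults/main.yml changes behaviour for every inventory that relied on the old default, and neither the commit message nor the defaults file explains it. The tasks gated on this variable are not visible here, but presumably they are skipped on the next run for hosts that never set it, which for an authentication role deserves an explicit notice. Add a comment above the variable, e.g. `# LDAP authentication through sssd is opt-in: set to true in the inventory to enable it`, and mention the change in the commit description so operators can pin `ldap_auth: true` where directory logins are required.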