ENH: LDAP authentication tries second time, if first time times out.

misc/pam_authentication/ldap_authentication.sh

@@ -23,20 +23,39 @@
 
 # Try to authenticate a user ($1) with a password ($2) via LDAP
 
+[[ "$#" == "2" ]] || {
+    echo "call this script with two arguments: user and password"
+    exit 1
+}
+
 # set LDAP_SERVER here
 # e.g. `LDAP_SERVER=example.com`
-. ldap.conf
+exe_dir=$(dirname $0)
+. "$exe_dir/"ldap.conf
+
+testpw() {
+    username="${1}@${LDAP_SERVER}"
+    pw="$2"
+
+    if timeout 5s ldapwhoami -x -H "ldap://$LDAP_SERVER" -D "$username" -w "$pw"; then
+        return 0
+    else
+        ret_code="$?"
+    fi
+
+    # Possibly try a second time
+    if [[ "$ret_code" != "124" ]] ; then
+        return "$ret_code"
+    fi
 
-username="${1}@${LDAP_SERVER}"
-pw="$2"
+    ldapwhoami -x -H "ldap://$LDAP_SERVER" -D "$username" -w "$pw"
 
-if ldapwhoami -x -H "ldap://$LDAP_SERVER" -D "$username" -w "$pw" ; then
+}
+
+if testpw "$1" "$2" ; then
     echo "[OK]"
     exit 0
 else
     echo "[FAILED]"
     exit 1
 fi
-
-
-