From 3a26c722e7fbc2acaafaaf1fd3d8a389289ea5d0 Mon Sep 17 00:00:00 2001
From: Daniel <daniel@harvey>
Date: Fri, 7 Feb 2020 11:21:22 +0100
Subject: [PATCH] ENH: LDAP authentication tries second time, if first time
 times out.

---
 .../pam_authentication/ldap_authentication.sh | 33 +++++++++++++++----
 1 file changed, 26 insertions(+), 7 deletions(-)

diff --git a/misc/pam_authentication/ldap_authentication.sh b/misc/pam_authentication/ldap_authentication.sh
index 3b64a295..1e3ee2e8 100755
--- a/misc/pam_authentication/ldap_authentication.sh
+++ b/misc/pam_authentication/ldap_authentication.sh
@@ -23,20 +23,39 @@
 
 # Try to authenticate a user ($1) with a password ($2) via LDAP
 
+[[ "$#" == "2" ]] || {
+    echo "call this script with two arguments: user and password"
+    exit 1
+}
+
 # set LDAP_SERVER here
 # e.g. `LDAP_SERVER=example.com`
-. ldap.conf
+exe_dir=$(dirname $0)
+. "$exe_dir/"ldap.conf
+
+testpw() {
+    username="${1}@${LDAP_SERVER}"
+    pw="$2"
+
+    if timeout 5s ldapwhoami -x -H "ldap://$LDAP_SERVER" -D "$username" -w "$pw"; then
+        return 0
+    else
+        ret_code="$?"
+    fi
+
+    # Possibly try a second time
+    if [[ "$ret_code" != "124" ]] ; then
+        return "$ret_code"
+    fi
 
-username="${1}@${LDAP_SERVER}"
-pw="$2"
+    ldapwhoami -x -H "ldap://$LDAP_SERVER" -D "$username" -w "$pw"
 
-if ldapwhoami -x -H "ldap://$LDAP_SERVER" -D "$username" -w "$pw" ; then
+}
+
+if testpw "$1" "$2" ; then
     echo "[OK]"
     exit 0
 else
     echo "[FAILED]"
     exit 1
 fi
-
-
-
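Review bot: The argument check added at the top only counts arguments, so an empty password still reaches `ldapwhoami -x ... -w "$pw"` in `testpw`. A simple bind with a DN and an empty password is an unauthenticated bind (RFC 4513), and if the directory server accepts those, the script would print `[OK]` for any user name. Reject empty values before binding, e.g. `[[ -n "$1" && -n "$2" ]] || { echo "[FAILED]"; exit 1; }`. Separately, the password is still passed on the command line (`$2` and `-w`), where it is visible in the process list for the duration of both attempts, and it is sent over plain `ldap://`; reading it from a file with `-y` and using `ldaps://` or `-ZZ` would address both. The retry call also runs without `timeout`, so a second stall is bounded only by whatever network timeout ldapwhoami applies itself, and `$(dirname $0)` should be quoted as `$(dirname -- "$0")`.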
-- 
GitLab