LDAP server connection is aborted and closed, while it should unbind and close after #bind or #search


Abhijit Chavan

Jun 22, 2017, 4:57:59 AM
to Ruby LDAP

After doing #search, the same API closes the LDAP server connection. But looking at the server logs, the connection is not getting closed properly; it shows "closing from ip-address:51646 - A1 - Client aborted connection -". Looking at the #close method, which is used internally, it looks like it only closes the socket connection and does not send any "unbind" request to the LDAP server.


Version of net-ldap gem: 0.12.0
LDAP server version: 2


Queries, connection information:
ldap = Net::LDAP.new
ldap.host = 
ldap.port = 
ldap.auth(user, password)
ldap.search(base: base_string)


Output:
[04/Apr/2017:12:55:46 -0400] conn=2063075 op=-1 msgId=-1 - fd=8023 slot=8023 LDAP connection from ip-address:51646 to ip-address
[04/Apr/2017:12:55:46 -0400] conn=2063075 op=0 msgId=1 - BIND dn="" method=128 version=3
[04/Apr/2017:12:55:46 -0400] conn=2063075 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn=""
[04/Apr/2017:12:55:46 -0400] conn=2063075 op=1 msgId=0 - RESULT err=0 tag=120 nentries=0 etime=0
[04/Apr/2017:12:55:46 -0400] conn=2063075 op=-1 msgId=-1 - closing from ip-address:51646 - A1 - Client aborted connection -
[04/Apr/2017:12:55:46 -0400] conn=2063075 op=-1 msgId=-1 - closed.

Abhijit Chavan

Jun 22, 2017, 5:12:04 AM
to Ruby LDAP
Is there any reason behind closing the socket and not making the unbind API call?
If anybody has an idea about how to implement this, it will be appreciated.

I have tried the following from irb to make an "unbind" call to the LDAP server:
=======================================================================
require 'socket'

require 'net/ber'
require 'net/ldap/pdu'
require 'net/ldap/filter'
require 'net/ldap/dataset'
require 'net/ldap/password'
require 'net/ldap/entry'
require 'net/ldap/version'

@host = 'ldap host'
@port = 'port'
user, psw = ['CN=abc,CN=Users,DC=something,DC=local', 'abc']

@conn = TCPSocket.new(@host, @port)
# --- bind ---------
msgid = 1.to_ber
request = [3.to_ber, user.to_ber, psw.to_ber_contextspecific(0)].to_ber_appsequence(0)
request_pkt = [msgid, request].to_ber_sequence
@conn.write request_pkt
# -----------------

# -----unbind-------
msgid = 2.to_ber
request_pkt = [msgid, Net::BER::Null.to_ber].to_ber_sequence
@conn.write request_pkt
# ------------------

The bind call is successful, but I am not able to make the unbind call successfully as described in https://tools.ietf.org/html/rfc4511#section-4.3
=======================================================================================
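
Added example, not part of the original posts and not net-ldap's own code: RFC 4511 section 4.3 defines UnbindRequest as [APPLICATION 2] NULL, which encodes as tag 0x42 with length 0. The sketch below builds that message in plain Ruby and compares it with a message carrying a universal NULL (tag 0x05), which is what the posted snippet produces if Net::BER::Null encodes as 05 00 (an assumption here). All helper names are illustrative.

```ruby
# Added example: pure-Ruby BER encoding, no net-ldap dependency.

# Definite-length octets: short form below 128, long form otherwise.
def ber_length(n)
  return [n].pack('C') if n < 0x80
  bytes = []
  while n > 0
    bytes.unshift(n & 0xff)
    n >>= 8
  end
  [0x80 | bytes.size, *bytes].pack('C*')
end

# One tag-length-value element.
def ber_tlv(tag, value = ''.b)
  [tag].pack('C') + ber_length(value.bytesize) + value.b
end

# INTEGER for non-negative values such as message IDs.
def ber_integer(n)
  bytes = []
  loop do
    bytes.unshift(n & 0xff)
    n >>= 8
    break if n.zero?
  end
  bytes.unshift(0) if bytes.first >= 0x80 # keep the sign bit clear
  ber_tlv(0x02, bytes.pack('C*'))
end

# LDAPMessage ::= SEQUENCE { messageID INTEGER, protocolOp ... }
def ldap_message(msgid, protocol_op)
  ber_tlv(0x30, ber_integer(msgid) + protocol_op)
end

# UnbindRequest ::= [APPLICATION 2] NULL -> 0x40 | 2 = 0x42, empty value.
def unbind_request(msgid)
  ldap_message(msgid, ber_tlv(0x42))
end

# Same envelope with a universal NULL (tag 0x05) as the protocolOp.
def universal_null_message(msgid)
  ldap_message(msgid, ber_tlv(0x05))
end

# Tag of the protocolOp in an encoded LDAPMessage (short-form lengths only).
def protocol_op_tag(pdu)
  b = pdu.bytes
  b[4 + b[3]] # skip SEQUENCE header, INTEGER header and INTEGER value
end
```

Writing unbind_request(2) to the socket and then closing it sends the bytes 30 05 02 01 02 42 00; RFC 4511 defines no response to an UnbindRequest, so there is nothing to read back.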