node-ldapauth-fork
node-ldapauth-fork copied to clipboard
vesse
[Bug] Randomly having "Error: Client network socket disconnected before secure TLS connection was established"
description
We are using:
-
[email protected]within docker -
[email protected]that include[email protected] -
[email protected]within docker
We have GItLab-CI runner that run npm install --registry https://our.registry.com for the project.
relevant log
I can connect repetitively multiple time to the LDAP, until:
In node 10.1.0
http <-- 200, user: me(172.18.0.1 via 172.16.14.10), req: 'GET /node-int64', bytes: 0/2481
http --> 304, req: 'GET https://registry.npmjs.org/multicast-dns-service-types' (streaming)
http --> 304, req: 'GET https://registry.npmjs.org/multicast-dns-service-types', bytes: 0/0
debug--- connected after 1 attempt(s)
debug--- connected after 1 attempt(s)
debug--- connected after 1 attempt(s)
debug--- failed to connect after 1 attempts
fatal--- uncaught exception, please report this
Error: Client network socket disconnected before secure TLS connection was established
at TLSSocket.onConnectEnd (_tls_wrap.js:1092:19)
at Object.onceWrapper (events.js:273:13)
at TLSSocket.emit (events.js:187:15)
at endReadableNT (_stream_readable.js:1086:12)
at process._tickCallback (internal/process/next_tick.js:63:19)
In node 8.11.2
info --> making request: 'GET https://registry.npmjs.org/array-unique'
debug--- connected after 1 attempt(s)
debug--- connected after 1 attempt(s)
fatal--- uncaught exception, please report this
TypeError: (groups || []).concat is not a function
at authenticatedUser (/usr/local/lib/node_modules/verdaccio/build/lib/auth.js:372:32)
at /usr/local/lib/node_modules/verdaccio/build/lib/auth.js:105:26
at sendResult (/usr/local/lib/node_modules/verdaccio-ldap/node_modules/ldapjs/lib/client/client.js:1395:12)
at messageCallback (/usr/local/lib/node_modules/verdaccio-ldap/node_modules/ldapjs/lib/client/client.js:1421:16)
at /usr/local/lib/node_modules/verdaccio-ldap/node_modules/ldapjs/lib/client/client.js:1282:14
at Array.forEach (<anonymous>)
at Client._onClose (/usr/local/lib/node_modules/verdaccio-ldap/node_modules/ldapjs/lib/client/client.js:1272:19)
at Object.onceWrapper (events.js:272:13)
at TLSSocket.emit (events.js:180:13)
at _handle.close (net.js:541:12)
at TCP.done [as _onclose] (_tls_wrap.js:379:7)
related sources
- https://github.com/nodejs/node/issues/21088
- https://github.com/Alexandre-io/verdaccio-ldap/issues/33
We can connect repetitively to the LDAP but then this error happens and prevent us totally from using our verdaccio registry.
Is there a way to prevent such bug ? The verdaccio-ldap plugin is not supporting starttls, using starttls ,
I got the same problem using version 2.1.4 of passport-ldapauth package which uses node-ldapauth-fork version 4.3.2.
passport-ldapauth creates a new LdapAuth with starttls option and immediately call LdapAuth.prototype.authenticate (here).
It seems calling authenticate before node-ldapauth-fork has received the validation that the connection has been secured by ldapjs is also causing the error "Client network socket disconnected before secure TLS connection was established".
Maybe node-ldapauth-fork should not try to use any LDAP client before the connection has been secured while option starttls is set.
What do you think? Am I missing the point completely?
Hi, my colleague and me have found a fix for this bug. We tried to fix it as little invasive as possible. I have created a pull request, with this fix it is not needed to change anything in the function calls, so packages which depend on this one will not have to change their code, just update the version as soon as this merge request gets accepted and new version released.
