From 0523e6777d7115432376aefeb96238589d62e610 Mon Sep 17 00:00:00 2001
From: aleiphoenix
Date: Tue, 3 Nov 2020 12:36:34 +0800
Subject: [PATCH] use DialTLS instead of StartTLS on ldap.Conn
---
 pkg/ldap/connection.go | 23 ++++++++---------------
 1 file changed, 8 insertions(+), 15 deletions(-)
diff --git a/pkg/ldap/connection.go b/pkg/ldap/connection.go
index f449225..36810b3 100644
--- a/pkg/ldap/connection.go
+++ b/pkg/ldap/connection.go
@@ -22,27 +22,20 @@ var conn *ldap.Conn
 func ldapConnection() (err error) {
 var ldapConn = fmt.Sprintf("%v:%v", viper.GetString("settings.ldap.host"), viper.GetString("settings.ldap.port"))
- conn, err = ldap.Dial(
- "tcp",
- ldapConn,
- )
+ if viper.GetBool("settings.ldap.tls") {
+ tlsconf := &tls.Config{
+ InsecureSkipVerify: true,
+ }
+ conn, err = ldap.DialTLS("tcp", ldapConn, tlsconf)
+ } else {
+ conn, err = ldap.Dial("tcp", ldapConn)
+ }
 if err != nil {
 err = errors.New(fmt.Sprintf("无法连接到ldap服务器,%v", err))
 logger.Error(err)
 return
 }
- if viper.GetBool("settings.ldap.tls") {
- err = conn.StartTLS(&tls.Config{
- InsecureSkipVerify: true,
- })
- if err != nil {
- err = errors.New(fmt.Sprintf("升级到加密方式失败,%v", err))
- logger.Error(err)
- return
- }
- }
-
 //设置超时时间
 conn.SetTimeout(5 * time.Second)
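Review bot: The new `tlsconf` still sets `InsecureSkipVerify: true`, so the `ldap.DialTLS` connection accepts any certificate and gives no assurance that the peer is the configured directory server; anything later sent over `conn` (presumably bind credentials, which are outside this hunk) can be read by whoever terminates the TLS session. Verification should be on by default, for example `tlsconf := &tls.Config{ServerName: viper.GetString("settings.ldap.host")}`, with skipping it available only through a separate, explicitly named opt-in setting for test environments. Because `ldap.DialTLS` negotiates TLS at connect time instead of upgrading a plain connection, deployments that enable `settings.ldap.tls` against a StartTLS-only port would probably stop connecting, which deserves a line in the configuration docs. The body of `ldapConnection` continues past the end of this hunk.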