Skip to content

Use RESTARTABLE client_strategy for persistent Connections

Wade Fitzpatrick requested to merge waddles/burp-ui:master into master

Fixes for #64 (closed) for AD. Changes the Connection used for doing ldap searches (ie. fetch()) to attempt to re-connect if the server has closed the socket. Note that Connections used for binding (ie. check()) use the default SYNC strategy.

String representations of the Connection are incredibly useful.

2015-06-16 10:24:52 [21634] [DEBUG] POST /login
filter: (&(sAMAccountName=wade.fitzpatrick)(|(userAccountControl=512)(userAccountControl=66048))) | base: OU=Systems,OU=Employees,DC=corp,DC=net,DC=au
LDAP Connection = ldaps://corp.net.au:636 - ssl - user: CN=LDAP Read,CN=Users,DC=corp,DC=net,DC=au - bound - open - <local: 10.137.1.140:60119 - remote: 10.137.1.193:636> - tls not started - listening - RestartableStrategy
Found DN: CN=Wade Fitzpatrick,OU=Systems,OU=Employees,DC=corp,DC=net,DC=au
filter: (&(sAMAccountName=wade.fitzpatrick)(|(userAccountControl=512)(userAccountControl=66048))) | base: OU=Systems,OU=Employees,DC=corp,DC=net,DC=au
LDAP Connection = ldaps://corp.net.au:636 - ssl - user: CN=LDAP Read,CN=Users,DC=corp,DC=net,DC=au - bound - open - <local: 10.137.1.140:60119 - remote: 10.137.1.193:636> - tls not started - listening - RestartableStrategy
Found DN: CN=Wade Fitzpatrick,OU=Systems,OU=Employees,DC=corp,DC=net,DC=au
LDAP Connection = ldaps://corp.net.au:636 - ssl - user: CN=Wade Fitzpatrick,OU=Systems,OU=Employees,DC=corp,DC=net,DC=au - bound - open - <local: 10.137.1.140:60417 - remote: 10.137.1.193:636> - tls not started - listening - SyncStrategy
Bound as user: CN=Wade Fitzpatrick,OU=Systems,OU=Employees,DC=corp,DC=net,DC=au
2015-06-16 10:24:53 [21634] [DEBUG] Closing connection.
2015-06-16 10:24:53 [21634] [DEBUG] GET /
2015-06-16 10:24:53 [21634] [DEBUG] Closing connection.

And below, running 5 worker threads under gunicorn, we can see the number of connections decrease then reconnect as needed:

root@rubicon:~# netstat -anp |grep  :636
tcp        0      0 10.137.1.140:60119       10.137.1.193:636         ESTABLISHED 21634/python
tcp        0      0 10.137.1.140:60117       10.137.1.193:636         ESTABLISHED 21625/python
tcp        0      0 10.137.1.140:60116       10.137.1.193:636         ESTABLISHED 21627/python
tcp        0      0 10.137.1.140:60120       10.137.1.193:636         ESTABLISHED 21636/python
tcp        0      0 10.137.1.140:60118       10.137.1.193:636         ESTABLISHED 21626/python
tcp6       0      0 10.137.1.140:52366       10.137.1.193:636         ESTABLISHED 12140/java
root@rubicon:~# netstat -anp |grep  :636
tcp6       0      0 10.137.1.140:52366       10.137.1.193:636         ESTABLISHED 12140/java
root@rubicon:~# netstat -anp |grep  :636
tcp        0      0 10.137.1.140:36869       10.137.1.193:636         ESTABLISHED 21634/python
tcp6       0      0 10.137.1.140:52366       10.137.1.193:636         ESTABLISHED 12140/java

Merge request reports