From 5a757d0418d671dce65c7ae911f1249bb9fdd7f1 Mon Sep 17 00:00:00 2001
From: Michael Jumper <mjumper@apache.org>
Date: Thu, 21 Oct 2021 16:17:02 -0700
Subject: [PATCH] GUACAMOLE-957: Add support for configuring the general
 network timeout for LDAP.

---
 .../auth/ldap/ConnectedLDAPConfiguration.java      |  5 +++++
 .../guacamole/auth/ldap/LDAPConnectionService.java | 14 +++++++++++---
 .../auth/ldap/conf/DefaultLDAPConfiguration.java   |  5 +++++
 .../ldap/conf/EnvironmentLDAPConfiguration.java    |  8 ++++++++
 .../auth/ldap/conf/JacksonLDAPConfiguration.java   | 12 ++++++++++++
 .../auth/ldap/conf/LDAPConfiguration.java          | 13 +++++++++++++
 .../auth/ldap/conf/LDAPGuacamoleProperties.java    | 11 +++++++++++
 7 files changed, 65 insertions(+), 3 deletions(-)

diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ConnectedLDAPConfiguration.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ConnectedLDAPConfiguration.java
index 997e02376..5617bb785 100644
--- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ConnectedLDAPConfiguration.java
+++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ConnectedLDAPConfiguration.java
@@ -197,6 +197,11 @@ public class ConnectedLDAPConfiguration implements LDAPConfiguration, AutoClosea
         return config.getOperationTimeout();
     }
 
+    @Override
+    public int getNetworkTimeout() throws GuacamoleException {
+        return config.getNetworkTimeout();
+    }
+
     @Override
     public List<String> getAttributes() throws GuacamoleException {
         return config.getAttributes();
diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPConnectionService.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPConnectionService.java
index f9d2a0513..b8f5d30ad 100644
--- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPConnectionService.java
+++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPConnectionService.java
@@ -67,6 +67,10 @@ public class LDAPConnectionService {
      *     The encryption method that should be used to communicate with the
      *     LDAP server.
      *
+     * @param timeout
+     *     The maximum number of milliseconds to wait for a response from the
+     *     LDAP server.
+     *
      * @return
      *     A new instance of LdapNetworkConnection which uses the given
      *     encryption method to communicate with the LDAP server at the given
@@ -77,11 +81,13 @@ public class LDAPConnectionService {
      *     bug).
      */
     private LdapNetworkConnection createLDAPConnection(String host, int port,
-            EncryptionMethod encryptionMethod) throws GuacamoleException {
+            EncryptionMethod encryptionMethod, int timeout)
+            throws GuacamoleException {
 
         LdapConnectionConfig config = new LdapConnectionConfig();
         config.setLdapHost(host);
         config.setLdapPort(port);
+        config.setTimeout(timeout);
 
         // Map encryption method to proper connection and socket factory
         switch (encryptionMethod) {
@@ -140,7 +146,8 @@ public class LDAPConnectionService {
         return createLDAPConnection(
                 config.getServerHostname(),
                 config.getServerPort(),
-                config.getEncryptionMethod());
+                config.getEncryptionMethod(),
+                config.getNetworkTimeout());
     }
 
     /**
@@ -209,7 +216,8 @@ public class LDAPConnectionService {
         if (port < 1)
             port = encryptionMethod.DEFAULT_PORT;
 
-        return createLDAPConnection(host, port, encryptionMethod);
+        return createLDAPConnection(host, port, encryptionMethod,
+                config.getNetworkTimeout());
 
     }
 
diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/DefaultLDAPConfiguration.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/DefaultLDAPConfiguration.java
index c7b5e71c4..28ab8ed02 100644
--- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/DefaultLDAPConfiguration.java
+++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/DefaultLDAPConfiguration.java
@@ -125,6 +125,11 @@ public class DefaultLDAPConfiguration implements LDAPConfiguration {
         return 30;
     }
 
+    @Override
+    public int getNetworkTimeout() {
+        return 30000;
+    }
+
     @Override
     public List<String> getAttributes() {
         return Collections.<String>emptyList();
diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/EnvironmentLDAPConfiguration.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/EnvironmentLDAPConfiguration.java
index dfc60f98d..ae2d3cf3f 100644
--- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/EnvironmentLDAPConfiguration.java
+++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/EnvironmentLDAPConfiguration.java
@@ -193,6 +193,14 @@ public class EnvironmentLDAPConfiguration implements LDAPConfiguration {
         );
     }
 
+    @Override
+    public int getNetworkTimeout() throws GuacamoleException {
+        return environment.getProperty(
+            LDAPGuacamoleProperties.LDAP_NETWORK_TIMEOUT,
+            DEFAULT.getNetworkTimeout()
+        );
+    }
+
     @Override
     public List<String> getAttributes() throws GuacamoleException {
         return environment.getProperty(
diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/JacksonLDAPConfiguration.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/JacksonLDAPConfiguration.java
index 316205c87..e3e1496ed 100644
--- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/JacksonLDAPConfiguration.java
+++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/JacksonLDAPConfiguration.java
@@ -165,6 +165,13 @@ public class JacksonLDAPConfiguration implements LDAPConfiguration {
     @JsonProperty("operation-timeout")
     private Integer operationTimeout;
 
+    /**
+     * The raw YAML value of {@link LDAPGuacamoleProperties#LDAP_NETWORK_TIMEOUT}.
+     * If not set within the YAML, this will be null.
+     */
+    @JsonProperty("network-timeout")
+    private Integer networkTimeout;
+
     /**
      * The raw YAML value of {@link LDAPGuacamoleProperties#LDAP_USER_ATTRIBUTES}.
      * If not set within the YAML, this will be null.
@@ -364,6 +371,11 @@ public class JacksonLDAPConfiguration implements LDAPConfiguration {
         return withDefault(operationTimeout, defaultConfig.getOperationTimeout());
     }
 
+    @Override
+    public int getNetworkTimeout() throws GuacamoleException {
+        return withDefault(networkTimeout, defaultConfig.getNetworkTimeout());
+    }
+
     @Override
     public List<String> getAttributes() throws GuacamoleException {
         return withDefault(userAttributes, defaultConfig.getAttributes());
diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/LDAPConfiguration.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/LDAPConfiguration.java
index 99f36fa46..77eb31511 100644
--- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/LDAPConfiguration.java
+++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/LDAPConfiguration.java
@@ -255,6 +255,19 @@ public interface LDAPConfiguration {
      */
     ExprNode getGroupSearchFilter() throws GuacamoleException;
 
+    /**
+     * Returns the maximum number of milliseconds to wait for a response when
+     * communicating with the LDAP server.
+     *
+     * @return
+     *     The maximum number of milliseconds to wait for responses from the
+     *     LDAP server.
+     *
+     * @throws GuacamoleException
+     *     If the LDAP network timeout cannot be retrieved.
+     */
+    int getNetworkTimeout() throws GuacamoleException;
+
     /**
      * Returns the maximum number of seconds to wait for LDAP operations.
      *
diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/LDAPGuacamoleProperties.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/LDAPGuacamoleProperties.java
index 5bf5cfbd6..1db4f723c 100644
--- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/LDAPGuacamoleProperties.java
+++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/LDAPGuacamoleProperties.java
@@ -254,6 +254,17 @@ public class LDAPGuacamoleProperties {
 
     };
 
+    /**
+     * Number of milliseconds to wait for responses from the LDAP server.
+     */
+    public static final IntegerGuacamoleProperty LDAP_NETWORK_TIMEOUT =
+            new IntegerGuacamoleProperty() {
+
+        @Override
+        public String getName() { return "ldap-network-timeout"; }
+
+    };
+
     /**
      * Custom attribute or attributes to query from Guacamole user's record in
      * the LDAP directory.