From d89266a9d2d1982ffc6f348ceae638d5a77777e2 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Tue, 20 Jul 2021 15:25:11 +0200 Subject: [PATCH] outposts/ldap: fix order of Listeners TCP -> PROXY -> TLS Signed-off-by: Jens Langhammer --- internal/outpost/ldap/api.go | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/internal/outpost/ldap/api.go b/internal/outpost/ldap/api.go index f876fa76c..89f12eff7 100644 --- a/internal/outpost/ldap/api.go +++ b/internal/outpost/ldap/api.go @@ -97,15 +97,18 @@ func (ls *LDAPServer) StartLDAPTLSServer() error { GetCertificate: ls.getCertificates, } - ln, err := tls.Listen("tcp", listen, tlsConfig) + ln, err := net.Listen("tcp", listen) if err != nil { ls.log.Fatalf("FATAL: listen (%s) failed - %s", listen, err) } + proxyListener := &proxyproto.Listener{Listener: ln} defer proxyListener.Close() + tln := tls.NewListener(proxyListener, tlsConfig) + ls.log.WithField("listen", listen).Info("Starting ldap tls server") - err = ls.s.Serve(proxyListener) + err = ls.s.Serve(tln) if err != nil { return err }