From 81c16190bbc6e9ee9e9ad32ba9814c0c78fec7b5 Mon Sep 17 00:00:00 2001
From: mindless <mindless@71c3de6d-444a-0410-be80-ed276b4c234a>
Date: Mon, 9 Feb 2009 00:02:04 +0000
Subject: [PATCH] [FIXED HUDSON-2599] Update validation check now that ldaps://
 is accepted

git-svn-id: https://hudson.dev.java.net/svn/hudson/trunk/hudson/main@15148 71c3de6d-444a-0410-be80-ed276b4c234a
---
 .../java/hudson/security/LDAPSecurityRealm.java     | 13 +++++++------
 war/resources/help/security/ldap/server.html        |  6 +++---
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/core/src/main/java/hudson/security/LDAPSecurityRealm.java b/core/src/main/java/hudson/security/LDAPSecurityRealm.java
index 051184b91d..10d202e786 100644
--- a/core/src/main/java/hudson/security/LDAPSecurityRealm.java
+++ b/core/src/main/java/hudson/security/LDAPSecurityRealm.java
@@ -421,17 +421,18 @@ public class LDAPSecurityRealm extends SecurityRealm {
                         ok();   // connected
                     } catch (NamingException e) {
                         // trouble-shoot
-                        Matcher m = Pattern.compile("([^:]+)(?:\\:(\\d+))?").matcher(server.trim());
+//update to allow ldap:// or ldaps:// prefix  (issue #2599)
+                        Matcher m = Pattern.compile("(ldaps://)?([^:]+)(?:\\:(\\d+))?").matcher(server.trim());
                         if(!m.matches()) {
-                            error("Syntax of this field is SERVER or SERVER:PORT");
+                            error("Syntax of this field is SERVER or SERVER:PORT or ldaps://SERVER[:PORT]");
                             return;
                         }
 
                         try {
-                            InetAddress adrs = InetAddress.getByName(m.group(1));
-                            int port=389;
-                            if(m.group(2)!=null)
-                                port = Integer.parseInt(m.group(2));
+                            InetAddress adrs = InetAddress.getByName(m.group(2));
+                            int port = m.group(1)!=null ? 636 : 389;
+                            if(m.group(3)!=null)
+                                port = Integer.parseInt(m.group(3));
                             Socket s = new Socket(adrs,port);
                             s.close();
                         } catch (UnknownHostException x) {
diff --git a/war/resources/help/security/ldap/server.html b/war/resources/help/security/ldap/server.html
index 32af04e144..9605cb175f 100644
--- a/war/resources/help/security/ldap/server.html
+++ b/war/resources/help/security/ldap/server.html
@@ -1,8 +1,8 @@
 <div>
-    Specify the name of the LDAP server host name (like <tt>ldap.sun.com</tt>)
+    Specify the name of the LDAP server host name (like <tt>ldap.sun.com</tt>).
     If your LDAP server uses a port other than 389 (which is the standard for LDAP),
     you can also append a port number here, like <tt>ldap.acme.org:1389</tt>.
     To connect to LDAP over SSL (AKA LDAPS), specify it with the <tt>ldaps://</tt> protocol,
     like <tt>ldaps://ldap.acme.org</tt> or <tt>ldaps://ldap.acme.org:1636</tt> (if
-    the port is other than the default 636)
-</div>
\ No newline at end of file
+    the port is other than the default 636).
+</div>
-- 
GitLab