Ensure server is converted to unicode charlist

Author: lukebakken

deps/rabbitmq_auth_backend_ldap_management/src/rabbit_auth_backend_ldap_mgmt.erl

@@ -49,14 +49,15 @@ accept_content(ReqData0, Context) ->
             Port = safe_parse_int(maps:get(port, BodyMap, 389), "port"),
             UseSsl = safe_parse_bool(maps:get(use_ssl, BodyMap, false), "use_ssl"),
             UseStartTls = safe_parse_bool(maps:get(use_starttls, BodyMap, false), "use_starttls"),
-            Servers = maps:get(servers, BodyMap, []),
+            Servers = safe_parse_servers(BodyMap),
             UserDN = maps:get(user_dn, BodyMap, <<"">>),
             Password = maps:get(password, BodyMap, <<"">>),
             Options0 = [
                 {port, Port},
                 {timeout, 5000}
             ],
             {ok, Options1} = maybe_add_ssl_options(Options0, UseSsl, BodyMap),
+            ct:pal("@@@@ SERVES: ~tp",[Servers]),
             case eldap:open(Servers, Options1) of
                 {ok, LDAP} ->
                     Result = case maybe_starttls(LDAP, UseStartTls, BodyMap) of
@@ -178,8 +179,8 @@ tls_options(BodyMap) when is_map_key(ssl_options, BodyMap) ->
             TlsOpts2;
         Verify ->
             try
-                VerifyStr = unicode:characters_to_list(Verify),
-                [{verify, list_to_existing_atom(VerifyStr)} | TlsOpts2]
+                VerifyStr = to_unicode(Verify),
+                [{verify, binary_to_existing_atom(VerifyStr)} | TlsOpts2]
             catch
                 error:badarg ->
                     throw({bad_request, "invalid verify option passed to "
@@ -211,9 +212,10 @@ tls_options(BodyMap) when is_map_key(ssl_options, BodyMap) ->
         undefined ->
             TlsOpts5;
         VersionStrs when is_list(VersionStrs) ->
-            F1 = fun (VStr) ->
+            F1 = fun (VStr0) ->
                 try
-                    {true, list_to_existing_atom(VStr)}
+                    VStr1 = to_unicode(VStr0),
+                    {true, binary_to_existing_atom(VStr1)}
                 catch error:badarg ->
                     throw({bad_request, "invalid TLS version passed to "
                                         "/ldap/validate/simple-bind ssl_options.versions"})
@@ -222,10 +224,10 @@ tls_options(BodyMap) when is_map_key(ssl_options, BodyMap) ->
             Versions = lists:filtermap(F1, VersionStrs),
             [{versions, Versions} | TlsOpts5]
     end,
-    TlsOpts7 = case maps:get(<<"ssl_hostname_verification">>, SslOptionsMap, undefined) of
+    TlsOpts7 = case to_unicode(maps:get(<<"ssl_hostname_verification">>, SslOptionsMap, undefined)) of
         undefined ->
             TlsOpts6;
-        "wildcard" ->
+        <<"wildcard">> ->
             [{customize_hostname_check, [{match_fun, public_key:pkix_verify_hostname_match_fun(https)}]} | TlsOpts6];
         _ ->
             throw({bad_request, "invalid value passed to "
@@ -235,6 +237,9 @@ tls_options(BodyMap) when is_map_key(ssl_options, BodyMap) ->
 tls_options(_BodyMap) ->
     {ok, []}.
 
+to_unicode(Arg) ->
+    rabbit_data_coercion:to_utf8_binary(Arg).
+
 unicode_format(Arg) ->
     rabbit_data_coercion:to_utf8_binary(io_lib:format("~tp", [Arg])).
 
@@ -246,6 +251,13 @@ format_password_for_logging(<<>>) ->
 format_password_for_logging(Password) ->
     io_lib:format("[~p characters]", [string:length(Password)]).
 
+safe_parse_servers(BodyMap) when is_map(BodyMap) ->
+    safe_parse_servers(maps:get(servers, BodyMap, []));
+safe_parse_servers(Servers) when is_list(Servers) ->
+    [rabbit_data_coercion:to_unicode_charlist(S) || S <- Servers];
+safe_parse_servers(_) ->
+    [].
+
 safe_parse_int(Value, FieldName) ->
     try
         rabbit_mgmt_util:parse_int(Value)