Draft: New plugin: LDAP Search

Add a new plugin that resolves contact names via LDAP queries.

Normally, in AD environments, XMPP servers are integrated with LDAP such that contact information (VCard / Roster) is queried from the LDAP server and sent to the client via XMPP.

When using Gajim with Cisco's Jabber server (CUCM), I discovered that Cisco integrates LDAP by making the client do the LDAP queries itself, without the server knowing anything about it.

This plugin adds nickname resolution via LDAP, and user search (with a customizable LDAP query) to the "New Chat" dialog to match Cisco's client.

I am currently using this plugin daily and it works great, but I would like to do some more testing before merging :)

ldap_search/ldap_searcher.py

 import logging
 import queue
 import threading
+import time
 from queue import Queue
 
 import ldap
@@ -9,6 +10,8 @@ log = logging.getLogger('gajim.p.ldap')
 
 
 class LdapSearcher:
+    MAX_CONNECTION_IDLE_TIME = 20
+
     def __init__(self):
         self._server_address = None
         self._bind_dn = None
@@ -22,6 +25,7 @@ class LdapSearcher:
         self._conn = None
         self._rebind = True
         self._error = None
+        self._last_idle_time = time.monotonic()
 
     def search(self, search_filter, attributes, on_result, on_error=None):
         if self._thread is None:
@@ -51,6 +55,8 @@ class LdapSearcher:
         log.info('Worker thread started')
 
         while not self._stop.is_set():
+            self._check_connection_idle_time()
+
             try:
                 search_filter, attributes, on_result, on_error = self._request_queue.get(timeout=0.1)
             except queue.Empty:
@@ -69,6 +75,7 @@ class LdapSearcher:
 
                 log.debug('Search filter: "%s"', search_filter)
                 results = self._conn.search_s(self._base_dn, ldap.SCOPE_SUBTREE, search_filter, attributes)
+                self._last_idle_time = time.monotonic()
                 results = self._parse_results(results)
                 log.debug('Got %d results', len(results))
                 if on_result:
@@ -83,6 +90,16 @@ class LdapSearcher:
         self._unbind()
         log.info('Worker thread stopped')
 
+    def _check_connection_idle_time(self):
+        # Microsoft's Active Directory LDAP server has a policy named MaxConnIdleTime (defaults to 900)
+        # which determines the maximum number of second that an LDAP connection is kept alive when it is idle.
+        # We refresh our connection (unbind + rebind) to avoid timeout errors.
+        current_time = time.monotonic()
+        if (current_time - self._last_idle_time) >= self.MAX_CONNECTION_IDLE_TIME:
+            if self._conn:
+                log.info('Connection reached maximum idle time')
+                self._unbind()
+
     @staticmethod
     def _parse_results(raw_results):
         results = []