bn8/python-mylib
1
0
Fork 0
Code Issues Pull requests Projects Releases 12 Wiki Activity Actions

ldap: add option to disable referral following
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details

Browse source
This commit is contained in:
Benjamin Renard 2022-12-09 12:33:09 +01:00
parent c643fd30ac
commit cb4b8d6974
1 changed files with 12 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
mylib/ldap.py
View file

@ -60,12 +60,14 @@ class LdapServer:
con = 0
def __init__(self, uri, dn=None, pwd=None, v2=None,
raiseOnError=False, logger=False, checkCert=True):
raiseOnError=False, logger=False, checkCert=True,
disableReferral=False):
self.uri = uri
self.dn = dn
self.pwd = pwd
self.raiseOnError = raiseOnError
self.checkCert = checkCert
self.disableReferral = disableReferral
if v2:
self.v2 = True
if logger:
@ -85,6 +87,9 @@ class LdapServer:
if not self.checkCert:
# pylint: disable=no-member
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
if self.disableReferral:
# pylint: disable=no-member
ldap.set_option(ldap.OPT_REFERRALS, ldap.OPT_OFF)
con = ldap.initialize(self.uri)
if self.v2:
con.protocol_version = ldap.VERSION2 # pylint: disable=no-member
@ -468,6 +473,9 @@ class LdapClient:
section.add_option(
BooleanOption, 'checkcert', default=True,
comment='Check LDAP certificate')
section.add_option(
BooleanOption, 'disablereferral', default=False,
comment='Disable referral following')
return section
@ -480,7 +488,9 @@ class LdapClient:
log.info("Connect to LDAP server %s as %s", uri, binddn if binddn else 'annonymous')
self._conn = LdapServer(
uri, dn=binddn, pwd=self._get_option('bindpwd'),
checkCert=self._get_option('checkcert'), raiseOnError=True
checkCert=self._get_option('checkcert'),
disableReferral=self._get_option('disablereferral'),
raiseOnError=True
)
# Reset cache
self._cached_objects = {}