D188.1774816879.diff
No OneTemporary
Actions

Authored By

Unknown

Size

3 KB

Referenced Files

None

Subscribers

None

D188.1774816879.diff
View Options

	diff --git a/pykolab/auth/ldap/__init__.py b/pykolab/auth/ldap/__init__.py
	--- a/pykolab/auth/ldap/__init__.py
	+++ b/pykolab/auth/ldap/__init__.py
	@@ -116,6 +116,7 @@
	pykolab.base.Base.__init__(self, domain=domain)

	self.ldap = None
	+ self.ldap_priv = None
	self.bind = None

	if domain == None:
	@@ -282,11 +283,13 @@

	return retval

	- def connect(self):
	+ def connect(self, priv=None):
	"""
	Connect to the LDAP server through the uri configured.
	"""
	- if not self.ldap == None:
	+ if priv is None and self.ldap is not None:
	+ return
	+ if priv is not None and self.ldap_priv is not None:
	return

	log.debug(_("Connecting to LDAP..."), level=8)
	@@ -300,15 +303,20 @@
	if conf.debuglevel > 8:
	trace_level = 1

	- self.ldap = ldap.ldapobject.ReconnectLDAPObject(
	+ conn = ldap.ldapobject.ReconnectLDAPObject(
	uri,
	trace_level=trace_level,
	retry_max=200,
	retry_delay=3.0
	)

	- self.ldap.protocol_version = 3
	- self.ldap.supported_controls = []
	+ conn.protocol_version = 3
	+ conn.supported_controls = []
	+
	+ if priv is None:
	+ self.ldap = conn
	+ else:
	+ self.ldap_priv = conn

	def entry_dn(self, entry_id):
	"""
	@@ -1079,10 +1087,7 @@
	self.set_entry_attributes(entry_id, { attribute: value })

	def set_entry_attributes(self, entry_id, attributes):
	- bind_dn = self.config_get('bind_dn')
	- bind_pw = self.config_get('bind_pw')
	-
	- self._bind(bind_dn, bind_pw)
	+ self._bind()

	entry_dn = self.entry_dn(entry_id)

	@@ -1110,15 +1115,12 @@

	dn = entry_dn

	- if len(modlist) > 0:
	+ if len(modlist) > 0 and self._bind_priv() is True:
	try:
	- self.ldap.modify_s(dn, modlist)
	+ self.ldap_priv.modify_s(dn, modlist)
	except:
	log.error(_("Could not update dn %r:\n%r") % (dn, modlist))

	- # Drop the privileges
	- self._unbind()
	-
	def synchronize(self, mode=0, callback=None):
	"""
	Synchronize with LDAP
	@@ -1300,6 +1302,27 @@
	log.debug(_("bind() called but already bound"), level=8)
	return True

	+ def _bind_priv(self):
	+ if self.ldap_priv is None:
	+ self.connect(True)
	+
	+ bind_dn = self.config_get('bind_dn')
	+ bind_pw = self.config_get('bind_pw')
	+
	+ try:
	+ self.ldap_priv.simple_bind_s(bind_dn, bind_pw)
	+ return True
	+ except ldap.SERVER_DOWN, errmsg:
	+ log.error(_("LDAP server unavailable: %r") % (errmsg))
	+ log.error(_("%s") % (traceback.format_exc()))
	+ return False
	+ except ldap.INVALID_CREDENTIALS:
	+ log.error(_("Invalid DN, username and/or password."))
	+ return False
	+ else:
	+ log.debug(_("bind_priv() called but already bound"), level=8)
	+ return True
	+
	def _change_add_group(self, entry, change):
	"""
	An entry of type group was added.
	@@ -2072,9 +2095,10 @@
	)

	def _disconnect(self):
	- self._unbind()
	del self.ldap
	+ del self.ldap_priv
	self.ldap = None
	+ self.ldap_priv = None
	self.bind = None

	def _domain_naming_context(self, domain):
	@@ -2514,17 +2538,6 @@
	#
	# server = self.imap.user_mailbox_server(folder)

	- def _unbind(self):
	- """
	- Discard the current set of bind credentials.
	-
	- Virtually disconnects the LDAP connection, and should be followed by
	- a call to _bind() afterwards.
	- """
	-
	- self.ldap.unbind()
	- self.bind = None
	-
	###
	### Backend search functions
	###

File Metadata

Mime Type: text/plain
Expires: Sun, Mar 29, 8:41 PM (1 w, 1 d ago)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 18775983
Default Alt Text: D188.1774816879.diff (3 KB)

D188.1774816879.diffNo OneTemporaryActions

D188.1774816879.diffView Options

File Metadata

Event Timeline

D188.1774816879.diff
No OneTemporary
Actions

D188.1774816879.diff
View Options