authorAlexander Sulfrian <alexander.sulfrian@fu-berlin.de>2016-07-15 17:31:23 +0200
committerAlexander Sulfrian <alexander.sulfrian@fu-berlin.de>2017-03-21 17:26:08 +0100
commitb914052d7c33cc45012f693763189aa7db7a78a2 (patch)
tree9229eb01cf10164b5d415976d261727840948179
parent5f2daf138aab3a993c182797dc3ca2049f6bd7af (diff)
Server/Plugins/Ldap: Support arbitrary ldap options
You can now set arbitrary LDAP options for the connection by specifying a dict that maps each option key to its value. You should use the constants from python-ldap.
-rw-r--r--doc/server/plugins/grouping/ldap.txt11
-rw-r--r--src/lib/Bcfg2/Server/Plugins/Ldap.py9
2 files changed, 18 insertions, 2 deletions
diff --git a/doc/server/plugins/grouping/ldap.txt b/doc/server/plugins/grouping/ldap.txt
index f9c25dee9..abbd5e005 100644
--- a/doc/server/plugins/grouping/ldap.txt
+++ b/doc/server/plugins/grouping/ldap.txt
@@ -140,6 +140,17 @@ LdapConnection
LDAP URI of the LDAP server to connect to. This is prefered over
:attr:`LdapConnection.host` and :attr:`LdapConnection.port`.
+ .. note::
+
+ If you are using ldaps you may have to specify additional options
+ for enabling the certificate validation or setting the path for
+ the trusted certificates with :attr:`LdapConnection.options`.
+
+.. attribute:: LdapConnection.options
+
+ Arbitrary options for the LDAP connection. You should specify it
+ as a dict and use the ``OPT_*`` constants from ``python-ldap``.
+
You may pass any of these attributes as keyword arguments when creating the connection object.
LdapQuery
diff --git a/src/lib/Bcfg2/Server/Plugins/Ldap.py b/src/lib/Bcfg2/Server/Plugins/Ldap.py
index 0b66f7777..a51f47dae 100644
--- a/src/lib/Bcfg2/Server/Plugins/Ldap.py
+++ b/src/lib/Bcfg2/Server/Plugins/Ldap.py
@@ -169,8 +169,8 @@ class Ldap(Bcfg2.Server.Plugin.Plugin,
class LdapConnection(Debuggable):
""" Connection to an LDAP server. """
- def __init__(self, host="localhost", port=389, uri=None, binddn=None,
- bindpw=None):
+ def __init__(self, host="localhost", port=389, uri=None, options=None,
+ binddn=None, bindpw=None):
Debuggable.__init__(self)
if HAS_LDAP:
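Review bot: Placing `options` ahead of `binddn` in the new `__init__` signature changes the positional meaning of the fourth and fifth arguments, so an existing call that passes the bind DN and password positionally now stores the DN in `options` and the password in `binddn`. Nothing in the constructor rejects that; the mistake would only surface later, when the connect path calls `.items()` on a string. Appending the parameter keeps old calls working: `def __init__(self, host="localhost", port=389, uri=None, binddn=None, bindpw=None, options=None):`. The body of `__init__` continues outside this hunk.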
@@ -181,6 +181,7 @@ class LdapConnection(Debuggable):
self.host = host
self.port = port
self.uri = uri
+ self.options = options
self.binddn = binddn
self.bindpw = bindpw
self.conn = None
@@ -207,6 +208,10 @@ class LdapConnection(Debuggable):
self.disconnect()
self.conn = ldap.initialize(self.get_uri())
+ if self.options is not None:
+ for (option, value) in self.options.items():
+ self.conn.set_option(option, value)
+
if self.binddn is not None and self.bindpw is not None:
self.conn.simple_bind_s(self.binddn, self.bindpw)
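Review bot: The new loop applies `self.options` in dict iteration order, which the caller cannot control on interpreters without ordered dicts. As far as python-ldap documents it, pending `OPT_X_TLS_*` settings on a connection take effect only once `OPT_X_TLS_NEWCTX` is set after them. An ldaps setup that relies on this dict for certificate validation or the CA path, the case the documentation note describes, may therefore bind with settings that were never applied. Applying that option last would make the result deterministic, e.g. `for (option, value) in sorted(self.options.items(), key=lambda kv: kv[0] == ldap.OPT_X_TLS_NEWCTX):`, with a comment stating why the order matters. The enclosing method starts outside this hunk, so whether a failing `set_option` is handled before the bind cannot be checked from here.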