From 5f2daf138aab3a993c182797dc3ca2049f6bd7af Mon Sep 17 00:00:00 2001
From: Alexander Sulfrian <alexander.sulfrian@fu-berlin.de>
Date: Fri, 15 Jul 2016 17:26:54 +0200
Subject: Server/Plugins/Ldap: Support specifying the ldap uri

You can now specify the server to connect by either host (and optionally
port) or by specifying the full ldap uri. If you specify host and port
the connection will use the plain (unencrypted) ldap protocol by default.
Only if you specify the port "636", it will use ldaps now.
---
 src/lib/Bcfg2/Server/Plugins/Ldap.py | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

(limited to 'src/lib/Bcfg2')

diff --git a/src/lib/Bcfg2/Server/Plugins/Ldap.py b/src/lib/Bcfg2/Server/Plugins/Ldap.py
index f342fba35..0b66f7777 100644
--- a/src/lib/Bcfg2/Server/Plugins/Ldap.py
+++ b/src/lib/Bcfg2/Server/Plugins/Ldap.py
@@ -169,7 +169,7 @@ class Ldap(Bcfg2.Server.Plugin.Plugin,
 class LdapConnection(Debuggable):
     """ Connection to an LDAP server. """
 
-    def __init__(self, host="localhost", port=389, binddn=None,
+    def __init__(self, host="localhost", port=389, uri=None, binddn=None,
                  bindpw=None):
         Debuggable.__init__(self)
 
@@ -180,6 +180,7 @@ class LdapConnection(Debuggable):
 
         self.host = host
         self.port = port
+        self.uri = uri
         self.binddn = binddn
         self.bindpw = bindpw
         self.conn = None
@@ -204,7 +205,8 @@ class LdapConnection(Debuggable):
         """ Open a connection to the configured LDAP server, and do a simple
         bind ff both binddn and bindpw are set. """
         self.disconnect()
-        self.conn = ldap.initialize(self.url)
+        self.conn = ldap.initialize(self.get_uri())
+
         if self.binddn is not None and self.bindpw is not None:
             self.conn.simple_bind_s(self.binddn, self.bindpw)
 
@@ -228,16 +230,20 @@ class LdapConnection(Debuggable):
                 self.conn = None
                 self.logger.error(
                     "LdapConnection: Server %s down. Retry %d/%d in %.2fs." %
-                    (self.url, attempt + 1, Bcfg2.Options.setup.ldap_retries,
+                    (self.get_uri(), attempt + 1,
+                     Bcfg2.Options.setup.ldap_retries,
                      Bcfg2.Options.setup.ldap_retry_delay))
                 time.sleep(Bcfg2.Options.setup.ldap_retry_delay)
 
         return None
 
-    @property
-    def url(self):
+    def get_uri(self):
         """ The URL of the LDAP server. """
-        return "ldap://%s:%d" % (self.host, self.port)
+        if self.uri is None:
+            if self.port == 636:
+                return "ldaps://%s" % self.host
+            return "ldap://%s:%d" % (self.host, self.port)
+        return self.uri
 
 
 class LdapQuery(object):
-- 
cgit v1.2.3-1-g7c22