def __init__(self, *args, **kw):
    """
    Set up the underlying ReconnectLDAPObject and reset the bind state.

    All positional and keyword arguments are handed through unchanged to
    ReconnectLDAPObject.__init__().  Afterwards the instance carries four
    bookkeeping attributes in their "nothing has happened yet" state:
    connected, who, cred and _connection_time.
    """
    ReconnectLDAPObject.__init__(self, *args, **kw)
    # No timestamp and no successful connect recorded at construction time.
    self._connection_time = None
    self.connected = False
    # Bind identity starts out empty.
    # NOTE(review): presumably who/cred are filled in by a bind method that is
    # not visible here; if cred ends up holding the bind password it stays on
    # the object for its whole lifetime -- confirm against the callers.
    self.who = self.cred = ''
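def __init__(self, uri,
             trace_level=0, trace_file=None, trace_stack_limit=5,
             retry_max=1, retry_delay=60.0,
             who='', cred='',
             start_tls=1,
             tls_cacertfile=None, tls_cacertdir=None,
             tls_clcertfile=None, tls_clkeyfile=None,
             ):
    """
    Open an LDAP connection to the LDAP host specified by LDAP URL `uri`.

    Unlike ldap.initialize() this constructor also tries to bind explicitly
    with the bind DN and credential given as parameters, probes the
    supported LDAP version and tries to use the StartTLS extended operation
    if this was requested.

    Parameters like ReconnectLDAPObject.__init__() with these additional
    arguments:

    who, cred
        The Bind-DN and credential to use for simple bind right after
        connecting.
    start_tls
        Determines if StartTLS extended operation is tried on a LDAPv3
        server and if the LDAP URL scheme is ldap:. If the LDAP URL scheme
        is not ldap: (e.g. ldaps: or ldapi:) this parameter is ignored.
        0       Don't use StartTLS ext op
        1       Try StartTLS ext op but proceed when unavailable
        2       Try StartTLS ext op and re-raise exception if it fails
    tls_cacertfile, tls_cacertdir, tls_clcertfile, tls_clkeyfile
        Accepted for interface compatibility.  Nothing in this constructor
        reads them, so passing them does not by itself configure
        certificate checking or a client certificate.

    On return self.protocol_version holds the negotiated LDAP version and
    self.started_tls is 1 only if start_tls_s() completed without raising;
    with start_tls=1 callers have to inspect started_tls to learn whether
    the session is actually protected.

    Raises ValueError when start_tls>=2 but the connection had to fall back
    to LDAPv2.  With start_tls>=2 a ldap.PROTOCOL_ERROR or
    ldap.CONNECT_ERROR from start_tls_s() is re-raised.
    """
    # Initialize LDAP connection
    ReconnectLDAPObject.__init__(
        self, uri,
        trace_level=trace_level,
        trace_file=trace_file,
        trace_stack_limit=trace_stack_limit,
        retry_max=retry_max,
        retry_delay=retry_delay
    )
    # Set protocol version to LDAPv3
    self.protocol_version = ldap.VERSION3
    self.started_tls = 0
    # Probe the protocol version with a bind.
    # NOTE(review): this bind carries who/cred and runs before StartTLS is
    # attempted, so on an ldap: URL the credential is sent before any TLS
    # layer exists -- also when start_tls=2 later raises.  Probing without
    # the credential would avoid that but changes which servers accept the
    # probe; left as is, to be decided by the maintainers.
    try:
        self.simple_bind_s(who, cred)
    except ldap.PROTOCOL_ERROR:
        # Drop connection completely and retry as LDAPv2.
        # NOTE(review): a PROTOCOL_ERROR here silently downgrades the session
        # to LDAPv2, where StartTLS is not available (see the branch below).
        self.unbind_s()
        del self._l
        self._l = ldap.functions._ldap_function_call(_ldap.initialize, self._uri)
        self.protocol_version = ldap.VERSION2
        self.simple_bind_s(who, cred)
    # Try to start TLS if requested.
    # The scheme test previously compared the 5-character slice uri[:5] with
    # the 6-character string 'ldaps:', which can never match, so StartTLS was
    # never attempted and start_tls=2 never enforced anything.  The docstring
    # asks for the ldap: scheme; URI schemes are case-insensitive (RFC 3986).
    if start_tls > 0 and uri[:5].lower() == 'ldap:':
        if self.protocol_version >= ldap.VERSION3:
            try:
                self.start_tls_s()
            except (ldap.PROTOCOL_ERROR, ldap.CONNECT_ERROR):
                if start_tls >= 2:
                    # Application does not accept clear-text connection
                    # => re-raise exception
                    raise
            else:
                self.started_tls = 1
        else:
            if start_tls >= 2:
                raise ValueError(
                    "StartTLS extended operation only possible on LDAPv3+ server!"
                )
    # Bind again after the TLS attempt: always on LDAPv2, otherwise only when
    # both a bind DN and a credential were supplied.
    if self.protocol_version == ldap.VERSION2 or (who and cred):
        self.simple_bind_s(who, cred)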