def _connect( self
, connection_string
, user_dn
, user_pwd
, conn_timeout=5
, op_timeout=-1
):
""" Factored out to allow usage by other pieces """
# Connect to the server to get a raw connection object
connection = getResource( '%s-connection' % self._hash
, c_factory
, (connection_string,)
)
if not connection._type is c_factory:
connection = c_factory(connection_string)
connection_strings = [self._createConnectionString(s)
for s in self._servers]
if connection_string in connection_strings:
# We only reuse a connection if it is in our own configuration
# in order to prevent getting "stuck" on a connection created
# while dealing with a ldap.REFERRAL exception
setResource('%s-connection' % self._hash, connection)
# Set the protocol version - version 3 is preferred
try:
connection.set_option(ldap.OPT_PROTOCOL_VERSION, ldap.VERSION3)
except ldap.LDAPError: # Invalid protocol version, fall back safely
connection.set_option(ldap.OPT_PROTOCOL_VERSION, ldap.VERSION2)
# Deny auto-chasing of referrals to be safe, we handle them instead
try:
connection.set_option(ldap.OPT_REFERRALS, 0)
except ldap.LDAPError: # Cannot set referrals, so do nothing
pass
# Set the connection timeout
if conn_timeout > 0:
connection.set_option(ldap.OPT_NETWORK_TIMEOUT, conn_timeout)
# Set the operations timeout
if op_timeout > 0:
connection.timeout = op_timeout
# Now bind with the credentials given. Let exceptions propagate out.
connection.simple_bind_s(user_dn, user_pwd)
return connection
def deleteServers(self, position_list=()):
""" Delete server definitions """
old_servers = self.getServers()
new_servers = []
position_list = [int(x) for x in position_list]
for i in range(len(old_servers)):
if i not in position_list:
new_servers.append(old_servers[i])
self._servers = new_servers
# Delete the cached connection so that we don't accidentally
# continue using a server we should not be using anymore
setResource('%s-connection' % self._hash, '')
def addServer( self
, host
, port='389'
, use_ssl=0
, conn_timeout=-1
, op_timeout=-1
):
""" Add a server to our list of servers """
servers = self.getServers()
if use_ssl == 2:
protocol = 'ldapi'
port = 0
elif use_ssl == 1:
protocol = 'ldaps'
else:
protocol = 'ldap'
already_exists = 0
for server in self._servers:
if ( str(server['host']) == str(host) and
str(server['port']) == str(port) and
str(server['protocol']) == str(protocol) ):
already_exists = 1
server['conn_timeout'] = conn_timeout
server['op_timeout'] = op_timeout
break
if not already_exists:
servers.append( { 'host' : host
, 'port' : port
, 'protocol' : protocol
, 'conn_timeout' : conn_timeout
, 'op_timeout' : op_timeout
} )
self._servers = servers
# Delete the cached connection in case the new server was added
# in response to the existing server failing in a way that leads
# to nasty timeouts
setResource('%s-connection' % self._hash, '')
def addServer(self, host, port="389", use_ssl=0, conn_timeout=-1, op_timeout=-1):
""" Add a server to our list of servers """
servers = self.getServers()
if use_ssl == 2:
protocol = "ldapi"
port = 0
elif use_ssl == 1:
protocol = "ldaps"
else:
protocol = "ldap"
already_exists = 0
for server in self._servers:
if (
str(server["host"]) == str(host)
and str(server["port"]) == str(port)
and str(server["protocol"]) == str(protocol)
):
already_exists = 1
server["conn_timeout"] = conn_timeout
server["op_timeout"] = op_timeout
break
if not already_exists:
servers.append(
{
"host": host,
"port": port,
"protocol": protocol,
"conn_timeout": conn_timeout,
"op_timeout": op_timeout,
}
)
self._servers = servers
# Delete the cached connection in case the new server was added
# in response to the existing server failing in a way that leads
# to nasty timeouts
setResource("%s-connection" % self._hash, "")
