def connect_instance(dsrc_inst, verbose):
    """Build a DirSrv from a dsrc instance mapping and open a connection.

    Args:
        dsrc_inst: Mapping that supplies 'args' (handed to DirSrv.allocate),
            'binddn' and 'uri' (used in the password prompt), and the
            'saslmech', 'tls_cacertdir', 'tls_reqcert', 'tls_cert',
            'tls_key' and 'starttls' values forwarded to DirSrv.open.
        verbose: Forwarded to the DirSrv constructor.

    Returns:
        The DirSrv object after open() has been called on it.

    Raises:
        Exception: can_autobind() is false and no bind DN is configured.
    """
    # This is the caller's own dict, not a copy: a password stored below
    # remains in dsrc_inst['args'] after the call, so that mapping should
    # not be logged or dumped afterwards.
    dsargs = dsrc_inst['args']

    ds = DirSrv(verbose=verbose)
    # Presumably allocated once without a password so that can_autobind()
    # can be queried - confirm against DirSrv.
    ds.allocate(dsargs)

    if not ds.can_autobind() and dsrc_inst['binddn'] is not None:
        prompt = "Enter password for %s on %s : " % (dsrc_inst['binddn'], dsrc_inst['uri'])
        dsargs[SER_ROOT_PW] = getpass(prompt)
    elif not ds.can_autobind() and dsrc_inst['binddn'] is None:
        raise Exception("Must provide a binddn to connect with")

    # Second allocate hands over dsargs again, now including the password
    # if one was prompted for.
    ds.allocate(dsargs)

    # SASL and TLS settings are taken from the dsrc mapping as-is; nothing
    # in this function validates them.
    # NOTE(review): 'tls_reqcert' presumably controls how strictly the server
    # certificate is checked - confirm against DirSrv.open.
    open_options = {
        'saslmethod': dsrc_inst['saslmech'],
        'certdir': dsrc_inst['tls_cacertdir'],
        'reqcert': dsrc_inst['tls_reqcert'],
        'usercert': dsrc_inst['tls_cert'],
        'userkey': dsrc_inst['tls_key'],
        'starttls': dsrc_inst['starttls'],
        'connOnly': True,
    }
    ds.open(**open_options)
    return ds
def connect_instance(ldapurl, binddn, verbose, starttls):
    """Open a DirSrv connection to *ldapurl*, binding as *binddn*.

    Args:
        ldapurl: Stored under SER_LDAP_URL and shown in the password prompt.
        binddn: Stored under SER_ROOT_DN and shown in the password prompt.
        verbose: Forwarded to the DirSrv constructor.
        starttls: Forwarded to DirSrv.open.

    Returns:
        The DirSrv object after open() has been called on it.

    Raises:
        Exception: *binddn* is None. The check does not depend on
            can_autobind(), so a bind DN is required in every case.
    """
    dsargs = {}
    dsargs[SER_LDAP_URL] = ldapurl
    dsargs[SER_ROOT_DN] = binddn

    ds = DirSrv(verbose=verbose)
    ds.allocate(dsargs)

    autobind_ok = ds.can_autobind()
    if binddn is None:
        raise Exception("Must provide a binddn to connect with")
    if not autobind_ok:
        # Hidden-input prompt; the password lives only in this local dict
        # and in whatever DirSrv.allocate keeps from it.
        prompt = "Enter password for %s on %s : " % (binddn, ldapurl)
        dsargs[SER_ROOT_PW] = getpass(prompt)

    ds.allocate(dsargs)
    # NOTE(review): transport protection is requested only through the
    # caller's starttls flag. With a plain ldap:// URL and starttls false the
    # password bind would presumably travel unencrypted - confirm how
    # DirSrv.open handles that combination.
    ds.open(starttls=starttls)
    print("")
    return ds
def connect_instance(ldapurl, binddn, verbose, starttls):
    """Allocate a DirSrv for *ldapurl* and open it with connOnly=True.

    Args:
        ldapurl: Stored under SER_LDAP_URL and shown in the password prompt.
        binddn: Stored under SER_ROOT_DN and shown in the password prompt.
        verbose: Forwarded to the DirSrv constructor.
        starttls: Forwarded to DirSrv.open.

    Returns:
        The DirSrv object after open() has been called on it.

    Raises:
        Exception: *binddn* is None, whether or not autobind is available.
    """
    ds = DirSrv(verbose=verbose)
    dsargs = {
        SER_LDAP_URL: ldapurl,
        SER_ROOT_DN: binddn,
    }
    ds.allocate(dsargs)

    needs_password = not ds.can_autobind()
    if binddn is None:
        raise Exception("Must provide a binddn to connect with")
    if needs_password:
        # The password is read without echo and kept only in dsargs.
        dsargs[SER_ROOT_PW] = getpass(
            "Enter password for %s on %s : " % (binddn, ldapurl)
        )

    # Allocate again so the instance sees the password, when one was added.
    ds.allocate(dsargs)
    # NOTE(review): no certificate options are passed here, only starttls.
    # Whether the server certificate is verified therefore depends on
    # DirSrv.open defaults - confirm before relying on this over a network.
    ds.open(starttls=starttls, connOnly=True)
    print("")
    return ds
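class CliTool(object):
    """Helper that ties a DirSrv handle to one instance for command-line use.

    Typical order of calls: populate_instance_dict(), connect(), then
    disconnect().
    """

    def __init__(self, args=None):
        """Create the DirSrv handle.

        Args:
            args: Optional parsed-arguments object. Its ``verbose`` attribute
                is read here and its ``binddn`` attribute is read by
                get_rootdn_pass(). May be None.
        """
        # Always define self.args. Previously it was left unset when args was
        # None, so get_rootdn_pass() failed with AttributeError for a tool
        # built with the default argument.
        self.args = args
        if args is not None:
            self.ds = DirSrv(verbose=args.verbose)
        else:
            self.ds = DirSrv()

    def populate_instance_dict(self, instance):
        """Look up *instance* and store its dict on ``self.inst``.

        Raises:
            ValueError: the lookup did not return exactly one instance;
                ``self.inst`` is set to None before raising.
        """
        insts = self.ds.list(serverid=instance)
        if len(insts) != 1:
            self.inst = None
            raise ValueError("No such instance %s" % instance)
        self.inst = insts[0]

    def get_rootdn_pass(self):
        """Prompt for the bind password unless the instance dict has one.

        The password is read with getpass() and cached in
        ``self.inst[SER_ROOT_PW]`` for the lifetime of that dict.
        """
        if self.args is None or self.args.binddn is None:
            binddn = self.inst[SER_ROOT_DN]
        else:
            binddn = self.args.binddn
        # NOTE(review): the prompt names args.binddn when it is given, but
        # this method stores only the password; self.inst[SER_ROOT_DN] is not
        # updated here. Confirm the bind uses the DN the prompt displayed.
        if self.inst.get(SER_ROOT_PW, None) is None:
            prompt_txt = ('Enter password for %s on instance %s: ' %
                          (binddn, self.inst[SER_SERVERID_PROP]))
            self.inst[SER_ROOT_PW] = getpass(prompt_txt)
            # NOTE(review): the listing is whitespace-collapsed; this blank
            # line is assumed to belong to the prompt branch.
            print("")
        return

    def connect(self):
        """Allocate the instance and open the connection.

        The first allocate() precedes the can_autobind() query; the password
        is requested only when autobind is not available.
        """
        self.ds.allocate(self.inst)
        if not self.ds.can_autobind():
            self.get_rootdn_pass()
        self.ds.allocate(self.inst)
        # open() is called with no TLS arguments, so transport security
        # depends on the instance dict and DirSrv defaults.
        self.ds.open()

    def disconnect(self):
        """Close the DirSrv connection."""
        self.ds.close()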
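def connect_instance(dsrc_inst, verbose, args):
    """Resolve the target server, collect bind credentials and open a DirSrv.

    Args:
        dsrc_inst: Mapping that supplies 'args' (handed to DirSrv.allocate),
            'binddn', 'uri', and the 'saslmech', 'tls_cacertdir',
            'tls_reqcert', 'tls_cert', 'tls_key' and 'starttls' values
            forwarded to DirSrv.open. 'binddn' and 'tls_cert' may be
            overwritten here.
        verbose: Forwarded to the DirSrv constructor.
        args: Object whose ``pwdfile``, ``bindpw`` and ``prompt`` attributes
            select where the bind password comes from.

    Returns:
        The DirSrv object after open() has been called on it.

    Raises:
        ValueError: the instance name has no configuration, the password
            file cannot be read, or its first line holds no password.
    """
    # Caller's dict, not a copy: the password written below stays in
    # dsrc_inst['args'] after this function returns.
    dsargs = dsrc_inst['args']
    if '//' not in dsargs['ldapurl']:
        # Connecting to the local instance
        dsargs['server-id'] = dsargs['ldapurl']
        # We have an instance name - generate url from dse.ldif
        ldapurl, certdir = get_ldapurl_from_serverid(dsargs['ldapurl'])
        if ldapurl is not None:
            dsargs['ldapurl'] = ldapurl
            if 'ldapi://' in ldapurl:
                dsargs['ldapi_enabled'] = 'on'
                dsargs['ldapi_socket'] = ldapurl.replace('ldapi://', '')
                dsargs['ldapi_autobind'] = 'on'
            elif 'ldaps://' in ldapurl:
                # NOTE(review): a value named certdir is stored under
                # 'tls_cert', which is later passed to open() as usercert,
                # while certdir= is taken from 'tls_cacertdir'. Confirm this
                # is the intended key.
                dsrc_inst['tls_cert'] = certdir
        else:
            # The instance name does not match any instances
            raise ValueError("Could not find configuration for instance: " + dsargs['ldapurl'])

    ds = DirSrv(verbose=verbose)
    # We do an empty allocate here to determine if we can autobind ... (really
    # we should actually be inspecting the URL ...)
    ds.allocate(dsargs)

    if args.pwdfile is not None or args.bindpw is not None or args.prompt is True:
        if args.pwdfile is not None:
            # Read password from file: only the first line is used and
            # trailing whitespace is dropped. Nothing here checks the file's
            # owner or mode; restricting it to the invoking user is left to
            # the operator.
            try:
                with open(args.pwdfile, "r") as f:
                    file_password = f.readline().rstrip()
            except EnvironmentError as e:
                raise ValueError("Failed to open password file: " + str(e))
            if file_password == "":
                # A simple bind with a DN and an empty password is an
                # unauthenticated bind (RFC 4513 section 5.1.2), not a login
                # attempt, so an empty or blank first line is rejected here
                # and never sent.
                raise ValueError("Password file contains no password on its first line: " + str(args.pwdfile))
            dsargs[SER_ROOT_PW] = file_password
        elif args.bindpw is not None:
            # Password provided
            # This shouldn't be needed? dsrc already inherits the args ...
            # If this value was typed on the command line it is exposed in
            # the process list and shell history; the password file and the
            # prompt avoid that.
            dsargs[SER_ROOT_PW] = args.bindpw
        else:
            # No password or we chose to prompt
            dsargs[SER_ROOT_PW] = getpass("Enter password for {} on {}: ".format(dsrc_inst['binddn'], dsrc_inst['uri']))
    elif not ds.can_autobind():
        # No LDAPI, prompt for password, and bind DN if necessary
        if dsrc_inst['binddn'] is None:
            dn = ""
            while dn == "":
                dn = input("Enter Bind DN: ")
            dsrc_inst['binddn'] = dn
        dsargs[SER_ROOT_PW] = getpass("Enter password for {} on {}: ".format(dsrc_inst['binddn'], dsrc_inst['uri']))

    # Allocate is an awful interface that we should stop using, but for now
    # just directly map the dsrc_inst args in (remember, dsrc_inst DOES
    # overlay cli args into the map ...)
    dsargs[SER_ROOT_DN] = dsrc_inst['binddn']

    # A fresh DirSrv is built for the real connection; the one above was
    # only used for the can_autobind() query.
    ds = DirSrv(verbose=verbose)
    ds.allocate(dsargs)
    ds.open(saslmethod=dsrc_inst['saslmech'],
            certdir=dsrc_inst['tls_cacertdir'],
            reqcert=dsrc_inst['tls_reqcert'],
            usercert=dsrc_inst['tls_cert'],
            userkey=dsrc_inst['tls_key'],
            starttls=dsrc_inst['starttls'],
            connOnly=True)
    # Strip a single leading "slapd-" so serverid holds the bare name.
    if ds.serverid is not None and ds.serverid.startswith("slapd-"):
        ds.serverid = ds.serverid.replace("slapd-", "", 1)
    return ds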