示例#1
0
  exc_obj,exc_value,exc_traceback = sys.exc_info()
  sys.stderr.write('Unable to bind as "%s" to "%s":\n%s\n' % (binddn,ldap_host,exc_value))
  sys.exit(1)

try:
  ldap_msgid = l.search(
    basedn,
    ldap.SCOPE_SUBTREE,
    searchfilter,
    ['cn','mail','usercertificate','usersmimecertificate','usercertificate;binary','usersmimecertificate;binary'],
    0
  )
except ldap.NO_SUCH_OBJECT:
  result_dnlist = []
except ldap.FILTER_ERROR:
  sys.stderr.write('Bad search filter %s.\n' % charset.utf2iso(searchfilter))
  sys.exit(1)
except ldap.SIZELIMIT_EXCEEDED:
  sys.stderr.write('Sizelimit exceeded. Please refine search.\n')
  sys.exit(1)
except ldap.NO_SUCH_OBJECT:
  sys.stderr.write('No search results with filter %s.\n' % charset.utf2iso(searchfilter))
  sys.exit(1)
except ldap.error:
  exc_obj,exc_value,exc_traceback = sys.exc_info()
  sys.stderr.write('LDAP exception %(desc)s: %(info)s.\n' % exc_value)
  sys.exit(1)
#except:
#  exc_obj,exc_value,exc_traceback = sys.exc_info()
#  sys.stderr.write('Unhandled exception: %s.\n' % exc_value)
#  sys.exit(1)
示例#2
0
              existing_usercert_attrtype = a
              break

          old_usercertificate_attr = {}
          if existing_usercert_attrtype!=None:
            for ldap_cert in entry[1][existing_usercert_attrtype]:
              old_usercertificate_attr[ldap_cert] = None

          ldap_modlist = []

          if cert_entry[openssl.db.DB_type]==openssl.db.DB_TYPE_VAL:

	    if existing_usercert_attrtype is None:
              # Add new certificate attribute
              ldap_modlist.append((ldap.MOD_ADD,'userCertificate;binary',[local_cert]))
   	      sys.stdout.write('Adding new certificate attribute usercertificate;binary with certificate serial %s of LDAP entry "%s".\n' % (cert_entry[openssl.db.DB_serial],charset.utf2iso(ldap_dn)))
            elif replace:
              # Replace existing certificate attribute
              ldap_modlist.append((ldap.MOD_DELETE,existing_usercert_attrtype,None))
              ldap_modlist.append((ldap.MOD_ADD,existing_usercert_attrtype,[local_cert]))
   	      sys.stdout.write('Replacing attribute %s of entry %s with certificate serial %s.\n' % (
                  existing_usercert_attrtype,
		  charset.utf2iso(ldap_dn),
		  cert_entry[openssl.db.DB_serial]
	        )
	      )
	    elif not old_usercertificate_attr.has_key(local_cert):
              # Add new certificate attribute value
              ldap_modlist.append((ldap.MOD_DELETE,existing_usercert_attrtype,None))
              ldap_modlist.append((ldap.MOD_ADD,existing_usercert_attrtype,old_usercertificate_attr.keys()+[local_cert]))
   	      sys.stdout.write(
示例#3
0
                            old_usercertificate_attr[ldap_cert] = None

                    ldap_modlist = []

                    if cert_entry[
                            openssl.db.DB_type] == openssl.db.DB_TYPE_VAL:

                        if existing_usercert_attrtype is None:
                            # Add new certificate attribute
                            ldap_modlist.append(
                                (ldap.MOD_ADD, 'userCertificate;binary',
                                 [local_cert]))
                            sys.stdout.write(
                                'Adding new certificate attribute usercertificate;binary with certificate serial %s of LDAP entry "%s".\n'
                                % (cert_entry[openssl.db.DB_serial],
                                   charset.utf2iso(ldap_dn)))
                        elif replace:
                            # Replace existing certificate attribute
                            ldap_modlist.append(
                                (ldap.MOD_DELETE, existing_usercert_attrtype,
                                 None))
                            ldap_modlist.append(
                                (ldap.MOD_ADD, existing_usercert_attrtype,
                                 [local_cert]))
                            sys.stdout.write(
                                'Replacing attribute %s of entry %s with certificate serial %s.\n'
                                % (existing_usercert_attrtype,
                                   charset.utf2iso(ldap_dn),
                                   cert_entry[openssl.db.DB_serial]))
                        elif not old_usercertificate_attr.has_key(local_cert):
                            # Add new certificate attribute value