| 1789 |
1789 |
return new_results
|
| 1790 |
1790 |
|
| 1791 |
1791 |
@classmethod
|
| 1792 |
|
def get_connections(cls, block, credentials=()):
|
|
1792 |
def get_connections(cls, block, credentials=(), raises=False):
|
| 1793 |
1793 |
'''Try each replicas, and yield successfull connections'''
|
| 1794 |
1794 |
if not block['url']:
|
| 1795 |
1795 |
raise ImproperlyConfigured("block['url'] must contain at least one url")
|
|
1796 |
errmsg = None
|
| 1796 |
1797 |
for url in map_text(block['url']):
|
| 1797 |
1798 |
for key, value in block['global_ldap_options'].items():
|
| 1798 |
1799 |
ldap.set_option(key, value)
|
| ... | ... | |
| 1821 |
1822 |
try:
|
| 1822 |
1823 |
conn.start_tls_s()
|
| 1823 |
1824 |
except ldap.CONNECT_ERROR:
|
| 1824 |
|
log.error(
|
| 1825 |
|
'connection to %r failed when activating TLS, did you forget to declare the TLS'
|
| 1826 |
|
' certificate in /etc/ldap/ldap.conf ?',
|
| 1827 |
|
url,
|
| 1828 |
|
)
|
| 1829 |
|
continue
|
|
1825 |
error = (
|
|
1826 |
'connection to %r failed when activating TLS, did you forget to '
|
|
1827 |
'declare the TLS certificate in /etc/ldap/ldap.conf ?'
|
|
1828 |
) % url
|
|
1829 |
log.error(errmsg)
|
| 1830 |
1830 |
except ldap.TIMEOUT:
|
| 1831 |
|
log.error('connection to %r timed out', url)
|
| 1832 |
|
continue
|
|
1831 |
errmsg = 'connection to %r timed out' % url
|
|
1832 |
log.error(errmsg)
|
| 1833 |
1833 |
except ldap.CONNECT_ERROR:
|
| 1834 |
|
log.error(
|
| 1835 |
|
'connection to %r failed when activating TLS, did you forget to declare the TLS'
|
| 1836 |
|
' certificate in /etc/ldap/ldap.conf ?',
|
| 1837 |
|
url,
|
| 1838 |
|
)
|
| 1839 |
|
continue
|
|
1834 |
errmsg = (
|
|
1835 |
'connection to %r failed when activating TLS, did you forget to declare '
|
|
1836 |
'the TLS certificate in /etc/ldap/ldap.conf ?'
|
|
1837 |
) % url
|
|
1838 |
log.error(errmsg)
|
| 1840 |
1839 |
except ldap.SERVER_DOWN:
|
|
1840 |
errmsg = 'ldap %r is down' % url
|
| 1841 |
1841 |
if block['replicas']:
|
| 1842 |
|
log.warning('ldap %r is down', url)
|
|
1842 |
log.warning(errmsg)
|
| 1843 |
1843 |
else:
|
| 1844 |
|
log.error('ldap %r is down', url)
|
|
1844 |
log.error(errmsg)
|
|
1845 |
if errmsg:
|
| 1845 |
1846 |
continue
|
| 1846 |
1847 |
user_credentials = block['connect_with_user_credentials'] and credentials
|
| 1847 |
1848 |
success, error = cls.bind(block, conn, credentials=user_credentials)
|
| 1848 |
1849 |
if success:
|
| 1849 |
1850 |
yield conn
|
| 1850 |
1851 |
else:
|
|
1852 |
errmsg = 'admin bind failed on %s: %s' % (url, error)
|
| 1851 |
1853 |
if block['replicas']:
|
| 1852 |
|
log.warning('admin bind failed on %s: %s', url, error)
|
|
1854 |
log.warning(errmsg)
|
| 1853 |
1855 |
else:
|
| 1854 |
|
log.error('admin bind failed on %s: %s', url, error)
|
|
1856 |
log.error(errmsg)
|
|
1857 |
if raises and errmsg:
|
|
1858 |
raise ldap.LDAPError(errmsg)
|
| 1855 |
1859 |
|
| 1856 |
1860 |
@classmethod
|
| 1857 |
1861 |
def bind(cls, block, conn, credentials=()):
|
| ... | ... | |
| 1907 |
1911 |
return False, 'ldap is down'
|
| 1908 |
1912 |
|
| 1909 |
1913 |
@classmethod
|
| 1910 |
|
def get_connection(cls, block, credentials=()):
|
|
1914 |
def get_connection(cls, block, credentials=(), raises=False):
|
| 1911 |
1915 |
'''Try to get at least one connection'''
|
| 1912 |
|
for conn in cls.get_connections(block, credentials=credentials):
|
|
1916 |
for conn in cls.get_connections(block, credentials=credentials, raises=raises):
|
| 1913 |
1917 |
return conn
|
| 1914 |
|
return None
|
| 1915 |
1918 |
|
| 1916 |
1919 |
@classmethod
|
| 1917 |
1920 |
def update_default(cls, block, validate=True):
|
| 1918 |
|
-
|