Merge branch 'cvs'
This commit is contained in:
commit
2b07379b53
16
CHANGES
16
CHANGES
|
@ -1,11 +1,23 @@
|
|||
----------------------------------------------------------------
|
||||
Released 2.4.22 2015-10-xx
|
||||
Released 2.4.22 2015-10-25
|
||||
|
||||
Changes since 2.4.21:
|
||||
|
||||
Lib/
|
||||
* LDIFParser now also accepts value-spec without a space
|
||||
after the colon.
|
||||
* Added key-word argument authz_id to LDAPObject methods
|
||||
sasl_non_interactive_bind_s(), sasl_external_bind_s() and
|
||||
sasl_gssapi_bind_s()
|
||||
* Hmmpf! Added missing self to LDAPObject.fileno().
|
||||
* ReconnectLDAPObject.sasl_bind_s() now correctly uses
|
||||
generic wrapper arguments *args,**kwargs
|
||||
* LDIFParser.parse_change_records() now correctly calls
|
||||
LDIFParser.handle_change_modify()
|
||||
* Corrected ldap.controls.pwdpolicy.__all__
|
||||
|
||||
Doc/
|
||||
* Started missing docs for sub-module ldap.sasl.
|
||||
|
||||
----------------------------------------------------------------
|
||||
Released 2.4.21 2015-09-25 (upstream), 2015-10-19 (pyldap)
|
||||
|
@ -1204,4 +1216,4 @@ Released 2.0.0pre02 2002-02-01
|
|||
----------------------------------------------------------------
|
||||
Released 1.10alpha3 2000-09-19
|
||||
|
||||
$Id: CHANGES,v 1.358 2015/09/30 17:17:28 stroeder Exp $
|
||||
$Id: CHANGES,v 1.363 2015/10/24 15:55:07 stroeder Exp $
|
||||
|
|
|
@ -15,8 +15,6 @@ import sys,ldap,ldapurl,getpass
|
|||
|
||||
from ldap.controls.openldap import SearchNoOpControl
|
||||
|
||||
LDAPLimitErrors = (ldap.TIMEOUT,ldap.TIMELIMIT_EXCEEDED,ldap.SIZELIMIT_EXCEEDED,ldap.ADMINLIMIT_EXCEEDED)
|
||||
|
||||
SEARCH_TIMEOUT=30.0
|
||||
|
||||
try:
|
||||
|
@ -57,7 +55,11 @@ try:
|
|||
serverctrls=[SearchNoOpControl(criticality=True)],
|
||||
)
|
||||
_,_,_,search_response_ctrls = ldap_conn.result3(msg_id,all=1,timeout=SEARCH_TIMEOUT)
|
||||
except LDAPLimitErrors as e:
|
||||
except (
|
||||
ldap.TIMEOUT,
|
||||
ldap.TIMELIMIT_EXCEEDED,
|
||||
ldap.SIZELIMIT_EXCEEDED,
|
||||
ldap.ADMINLIMIT_EXCEEDED) as e:
|
||||
ldap_conn.abandon(msg_id)
|
||||
sys.exit(1)
|
||||
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
# All configuration values have a default value; values that are commented out
|
||||
# serve to show the default value.
|
||||
#
|
||||
# $Id: conf.py,v 1.21 2015/06/05 21:05:37 stroeder Exp $
|
||||
# $Id: conf.py,v 1.22 2015/10/24 12:37:39 stroeder Exp $
|
||||
|
||||
import sys
|
||||
|
||||
|
@ -36,7 +36,7 @@ master_doc = 'index'
|
|||
|
||||
# General substitutions.
|
||||
project = 'python-ldap'
|
||||
copyright = '2008-2014, python-ldap project team'
|
||||
copyright = '2008-2015, python-ldap project team'
|
||||
|
||||
# The default replacements for |version| and |release|, also used in various
|
||||
# other places throughout the built documents.
|
||||
|
@ -44,7 +44,7 @@ copyright = '2008-2014, python-ldap project team'
|
|||
# The short X.Y version.
|
||||
version = '2.4'
|
||||
# The full version, including alpha/beta/rc tags.
|
||||
release = '2.4.20.0'
|
||||
release = '2.4.21.0'
|
||||
|
||||
# There are two options for replacing |today|: either, you set today to some
|
||||
# non-false value, then it is used:
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
python-ldap Documentation
|
||||
##########################
|
||||
|
||||
.. % $Id: index.rst,v 1.8 2011/10/26 19:42:45 stroeder Exp $
|
||||
.. % $Id: index.rst,v 1.9 2015/10/24 12:49:41 stroeder Exp $
|
||||
|
||||
.. topic:: Abstract
|
||||
|
||||
|
@ -30,6 +30,7 @@ Contents
|
|||
ldap-resiter.rst
|
||||
ldap-schema.rst
|
||||
ldap-syncrepl.rst
|
||||
ldap-sasl.rst
|
||||
ldif.rst
|
||||
ldapurl.rst
|
||||
dsml.rst
|
||||
|
|
|
@ -0,0 +1,78 @@
|
|||
.. % $Id: ldap-sasl.rst,v 1.3 2015/10/24 13:41:02 stroeder Exp $
|
||||
|
||||
|
||||
********************************************
|
||||
:py:mod:`ldap.sasl` Handling LDAPv3 schema
|
||||
********************************************
|
||||
|
||||
.. py:module:: ldap.sasl
|
||||
|
||||
This module implements various authentication methods for SASL bind.
|
||||
|
||||
.. seealso::
|
||||
|
||||
:rfc:`4422` - Simple Authentication and Security Layer (SASL)
|
||||
:rfc:`4513` - Lightweight Directory Access Protocol (LDAP): Authentication Methods and Security Mechanisms
|
||||
|
||||
|
||||
Constants
|
||||
=========
|
||||
|
||||
.. py:data:: CB_USER
|
||||
|
||||
.. py:data:: CB_AUTHNAME
|
||||
|
||||
.. py:data:: CB_LANGUAGE
|
||||
|
||||
.. py:data:: CB_PASS
|
||||
|
||||
.. py:data:: CB_ECHOPROMPT
|
||||
|
||||
.. py:data:: CB_NOECHOPROMPT
|
||||
|
||||
.. py:data:: CB_GETREALM
|
||||
|
||||
|
||||
Classes
|
||||
=======
|
||||
|
||||
.. autoclass:: ldap.sasl.sasl
|
||||
:members:
|
||||
|
||||
.. autoclass:: ldap.sasl.cram_md5
|
||||
:members:
|
||||
|
||||
.. autoclass:: ldap.sasl.digest_md5
|
||||
:members:
|
||||
|
||||
.. autoclass:: ldap.sasl.gssapi
|
||||
:members:
|
||||
|
||||
.. autoclass:: ldap.sasl.external
|
||||
:members:
|
||||
|
||||
|
||||
.. _ldap.sasl-example:
|
||||
|
||||
Examples for ldap.sasl
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
This example connects to an OpenLDAP server via LDAP over IPC
|
||||
(see `draft-chu-ldap-ldapi <https://tools.ietf.org/html/draft-chu-ldap-ldapi>`_)
|
||||
and sends a SASL external bind request.
|
||||
|
||||
::
|
||||
|
||||
import ldap, ldap.sasl, urllib
|
||||
|
||||
ldapi_path = '/tmp/openldap-socket'
|
||||
ldap_conn = ldap.initialize(
|
||||
'ldapi://%s' % (
|
||||
urllib.quote_plus(ldapi_path)
|
||||
)
|
||||
)
|
||||
# Send SASL bind request for mechanism EXTERNAL
|
||||
ldap_conn.sasl_non_interactive_bind_s('EXTERNAL')
|
||||
# Find out the SASL Authorization Identity
|
||||
print ldap_conn.whoami_s()
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
.. % $Id: ldap.rst,v 1.28 2015/06/05 20:49:04 stroeder Exp $
|
||||
.. % $Id: ldap.rst,v 1.29 2015/11/19 05:16:46 stroeder Exp $
|
||||
|
||||
********************************************
|
||||
:py:mod:`ldap` LDAP library interface module
|
||||
|
@ -107,7 +107,7 @@ Options
|
|||
|
||||
.. seealso::
|
||||
|
||||
:manpage:`ldap.conf{5}` and :manpage:`ldap_get_options{3}`
|
||||
:manpage:`ldap.conf(5)` and :manpage:`ldap_get_option(3)`
|
||||
|
||||
|
||||
For use with functions :py:func:set_option() and :py:func:get_option()
|
||||
|
|
|
@ -4,7 +4,7 @@ ldap.controls.openldap - classes for OpenLDAP-specific controls
|
|||
|
||||
See http://www.python-ldap.org/ for project details.
|
||||
|
||||
$Id: openldap.py,v 1.4 2015/09/18 17:24:39 stroeder Exp $
|
||||
$Id: openldap.py,v 1.6 2015/10/24 16:21:56 stroeder Exp $
|
||||
"""
|
||||
|
||||
import ldap.controls
|
||||
|
@ -15,7 +15,8 @@ from pyasn1.codec.ber import decoder
|
|||
|
||||
|
||||
__all__ = [
|
||||
'SearchNoOpControl'
|
||||
'SearchNoOpControl',
|
||||
'SearchNoOpMixIn',
|
||||
]
|
||||
|
||||
|
||||
|
@ -63,7 +64,12 @@ class SearchNoOpMixIn:
|
|||
serverctrls=[SearchNoOpControl(criticality=True)],
|
||||
)
|
||||
_,_,_,search_response_ctrls = self.result3(msg_id,all=1,timeout=timeout)
|
||||
except LDAPLimitErrors as e:
|
||||
except (
|
||||
ldap.TIMEOUT,
|
||||
ldap.TIMELIMIT_EXCEEDED,
|
||||
ldap.SIZELIMIT_EXCEEDED,
|
||||
ldap.ADMINLIMIT_EXCEEDED
|
||||
) as e:
|
||||
self.abandon(msg_id)
|
||||
raise e
|
||||
else:
|
||||
|
|
|
@ -5,11 +5,12 @@ ldap.controls.pwdpolicy - classes for Password Policy controls
|
|||
|
||||
See http://www.python-ldap.org/ for project details.
|
||||
|
||||
$Id: pwdpolicy.py,v 1.4 2014/03/12 21:34:07 stroeder Exp $
|
||||
$Id: pwdpolicy.py,v 1.5 2015/10/24 15:55:07 stroeder Exp $
|
||||
"""
|
||||
|
||||
__all__ = [
|
||||
'ExpirationWarningControl'
|
||||
'PasswordExpiringControl',
|
||||
'PasswordExpiredControl',
|
||||
]
|
||||
|
||||
# Imports from python-ldap 2.4+
|
||||
|
|
|
@ -5,13 +5,12 @@ ldap.controls.sss - classes for Server Side Sorting
|
|||
|
||||
See http://www.python-ldap.org/ for project details.
|
||||
|
||||
$Id: sss.py,v 1.1 2015/06/22 16:47:08 stroeder Exp $
|
||||
$Id: sss.py,v 1.2 2015/10/24 15:52:23 stroeder Exp $
|
||||
"""
|
||||
|
||||
__all__ = [
|
||||
'SSSRequestControl',
|
||||
'SSSResponseControl',
|
||||
'SSSVLVPagedLDAPObject'
|
||||
]
|
||||
|
||||
|
||||
|
|
|
@ -3,7 +3,7 @@ ldapobject.py - wraps class _ldap.LDAPObject
|
|||
|
||||
See http://www.python-ldap.org/ for details.
|
||||
|
||||
\$Id: ldapobject.py,v 1.147 2015/08/08 13:37:41 stroeder Exp $
|
||||
\$Id: ldapobject.py,v 1.149 2015/10/24 15:46:12 stroeder Exp $
|
||||
|
||||
Compability:
|
||||
- Tested with Python 2.0+ but should work with Python 1.5.x
|
||||
|
@ -274,7 +274,7 @@ class SimpleLDAPObject:
|
|||
self.__class__.__name__,repr(name)
|
||||
))
|
||||
|
||||
def fileno():
|
||||
def fileno(self):
|
||||
"""
|
||||
Returns file description of LDAP connection.
|
||||
|
||||
|
@ -384,23 +384,29 @@ class SimpleLDAPObject:
|
|||
"""
|
||||
return self._ldap_call(self._l.sasl_interactive_bind_s,who,auth,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls),sasl_flags)
|
||||
|
||||
def sasl_non_interactive_bind_s(self,sasl_mech,serverctrls=None,clientctrls=None,sasl_flags=ldap.SASL_QUIET):
|
||||
def sasl_non_interactive_bind_s(self,sasl_mech,serverctrls=None,clientctrls=None,sasl_flags=ldap.SASL_QUIET,authz_id=''):
|
||||
"""
|
||||
Send a SASL bind request using a non-interactive SASL method (e.g. GSSAPI, EXTERNAL)
|
||||
"""
|
||||
self.sasl_interactive_bind_s('',ldap.sasl.sasl({},sasl_mech))
|
||||
self.sasl_interactive_bind_s(
|
||||
'',
|
||||
ldap.sasl.sasl(
|
||||
{ldap.sasl.CB_USER:authz_id},
|
||||
sasl_mech
|
||||
)
|
||||
)
|
||||
|
||||
def sasl_external_bind_s(self,serverctrls=None,clientctrls=None,sasl_flags=ldap.SASL_QUIET):
|
||||
def sasl_external_bind_s(self,serverctrls=None,clientctrls=None,sasl_flags=ldap.SASL_QUIET,authz_id=''):
|
||||
"""
|
||||
Send SASL bind request using SASL mech EXTERNAL
|
||||
"""
|
||||
self.sasl_non_interactive_bind_s('EXTERNAL',serverctrls,clientctrls,sasl_flags)
|
||||
self.sasl_non_interactive_bind_s('EXTERNAL',serverctrls,clientctrls,sasl_flags,authz_id)
|
||||
|
||||
def sasl_gssapi_bind_s(self,serverctrls=None,clientctrls=None,sasl_flags=ldap.SASL_QUIET):
|
||||
def sasl_gssapi_bind_s(self,serverctrls=None,clientctrls=None,sasl_flags=ldap.SASL_QUIET,authz_id=''):
|
||||
"""
|
||||
Send SASL bind request using SASL mech GSSAPI
|
||||
"""
|
||||
self.sasl_non_interactive_bind_s('GSSAPI',serverctrls,clientctrls,sasl_flags)
|
||||
self.sasl_non_interactive_bind_s('GSSAPI',serverctrls,clientctrls,sasl_flags,authz_id)
|
||||
|
||||
def sasl_bind_s(self,dn,mechanism,cred,serverctrls=None,clientctrls=None):
|
||||
"""
|
||||
|
@ -1079,7 +1085,7 @@ class ReconnectLDAPObject(SimpleLDAPObject):
|
|||
self._store_last_bind(SimpleLDAPObject.sasl_interactive_bind_s,*args,**kwargs)
|
||||
return res
|
||||
|
||||
def sasl_bind_s(self,dn,mechanism,cred,serverctrls=None,clientctrls=None):
|
||||
def sasl_bind_s(self,*args,**kwargs):
|
||||
res = self._apply_method_s(SimpleLDAPObject.sasl_bind_s,*args,**kwargs)
|
||||
self._store_last_bind(SimpleLDAPObject.sasl_bind_s,*args,**kwargs)
|
||||
return res
|
||||
|
|
|
@ -3,7 +3,7 @@ ldif - generate and parse LDIF data (see RFC 2849)
|
|||
|
||||
See http://www.python-ldap.org/ for details.
|
||||
|
||||
$Id: ldif.py,v 1.85 2015/09/30 17:17:28 stroeder Exp $
|
||||
$Id: ldif.py,v 1.87 2015/10/24 16:12:31 stroeder Exp $
|
||||
|
||||
Python compability note:
|
||||
Tested with Python 2.0+, but should work with Python 1.5.2+.
|
||||
|
@ -415,7 +415,7 @@ class LDIFParser:
|
|||
"""
|
||||
return self.parse_entry_records() # parse()
|
||||
|
||||
def handle_change_modify(self,dn,modops,controls=None):
|
||||
def handle_modify(self,dn,modops,controls=None):
|
||||
"""
|
||||
Process a single LDIF record representing a single modify operation.
|
||||
This method should be implemented by applications using LDIFParser.
|
||||
|
|
Loading…
Reference in New Issue