Changeset 1968 for pykota/trunk/pykota
- Timestamp:
- 12/02/04 23:01:58 (19 years ago)
- Location:
- pykota/trunk/pykota
- Files:
-
- 2 modified
-
config.py (modified) (2 diffs)
-
storages/ldapstorage.py (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
pykota/trunk/pykota/config.py
r1956 r1968 22 22 # 23 23 # $Log$ 24 # Revision 1.58 2004/12/02 22:01:58 jalet 25 # TLS is now supported with the LDAP backend 26 # 24 27 # Revision 1.57 2004/11/22 21:53:38 jalet 25 28 # Added the reject_unknown directive to pykota.conf to reject user/group … … 337 340 if ldapinfo[field].lower().startswith('attach(') : 338 341 ldapinfo[field] = ldapinfo[field][7:-1] 342 343 # should we use TLS, by default (if unset) value is NO 344 ldapinfo["ldaptls"] = self.isTrue(self.getGlobalOption("ldaptls", ignore=1)) 345 ldapinfo["cacert"] = self.getGlobalOption("cacert", ignore=1) 346 if ldapinfo["cacert"] : 347 ldapinfo["cacert"] = ldapinfo["cacert"].strip() 348 if ldapinfo["ldaptls"] : 349 if not os.access(ldapinfo["cacert"] or "", os.R_OK) : 350 raise PyKotaConfigError, _("Option ldaptls is set, but certificate %s is not readable.") % str(ldapinfo["cacert"]) 339 351 return ldapinfo 340 352 -
pykota/trunk/pykota/storages/ldapstorage.py
r1966 r1968 22 22 # 23 23 # $Log$ 24 # Revision 1.88 2004/12/02 22:01:58 jalet 25 # TLS is now supported with the LDAP backend 26 # 24 27 # Revision 1.87 2004/12/02 12:34:00 jalet 25 28 # Now automates LDAP reconnections if the server dropped the connection due … … 353 356 try : 354 357 self.database = ldap.initialize(self.savedhost) 358 if self.info["ldaptls"] : 359 # we want TLS 360 ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, self.info["cacert"]) 361 self.database.set_option(ldap.OPT_X_TLS, ldap.OPT_X_TLS_DEMAND) 362 self.database.start_tls_s() 355 363 self.database.simple_bind_s(self.saveduser, self.savedpasswd) 356 364 self.basedn = self.saveddbname
