Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def _bind(self, conn, bind, passwd):
# let's bind
if self.use_tls:
try:
conn.start_tls_s()
except Exception:
raise BackendError('Could not activate TLS on established '
'connection with %s' % self.uri,
backend=conn)
if bind is not None:
conn.simple_bind_s(bind, passwd)
conn.active = True
# We successfully connected to one of the servers, so
# we can just return the connection and stop processing
# any additional URIs.
if connected:
return conn
# We failed to connect to any of the servers,
# so raise an appropriate exception.
if not connected:
if isinstance(exc, (ldap.NO_SUCH_OBJECT,
ldap.SERVER_DOWN,
ldap.TIMEOUT)):
raise exc
# that's something else
raise BackendError(str(exc), backend=conn)
# Following two options are not added in common initialization as they
# need to follow a sequence in PythonLDAPHandler code.
if alias_dereferencing is not None:
self.set_option(ldap.OPT_DEREF, alias_dereferencing)
if chase_referrals is not None:
self.set_option(ldap.OPT_REFERRALS, int(chase_referrals))
if self.use_auth_pool: # separate pool when use_auth_pool enabled
pool_url = self.auth_pool_prefix + url
else:
pool_url = url
try:
self.conn_pool = self.connection_pools[pool_url]
except KeyError:
self.conn_pool = ldappool.ConnectionManager(
url,
size=pool_size,
retry_max=pool_retry_max,
retry_delay=pool_retry_delay,
timeout=pool_conn_timeout,
connector_cls=self.Connector,
use_tls=use_tls,
max_lifetime=pool_conn_lifetime)
self.connection_pools[pool_url] = self.conn_pool
from django.utils.dateformat import format
from django.core.exceptions import ObjectDoesNotExist
import logging, json, time, copy
import ldap
from ldap import modlist
from datetime import datetime
from pprint import pprint as pp
from fum.common.util import to_json, ldap_log
log = logging.getLogger(__name__)
TOTAL_CONNECTIONS = 0
from ldappool import ConnectionManager
cm = ConnectionManager(
uri=settings.LDAP_CONNECTION.get('uri'),
use_tls=settings.USE_TLS,
)
def open_ldap(bind_dn=None, bind_pwd=None):
return LDAPBridge(parent=None, BIND_DN=bind_dn, BIND_PASSWORD=bind_pwd)
def fetch(self, dn, filters='', attrs=[], scope=ldap.SCOPE_BASE, connection=None):
specials = []
normals = []
for a in attrs:
if isinstance(a, tuple):
specials.append(a)
else:
normals.append(a)
def pool(self):
# This is a property to allow lazy loading.
if self._pool is None:
ldap_uri, bind_user, bind_password = decode_ldap_uri(self.ldap_uri)
self._pool = ConnectionManager(ldap_uri, bind_user, bind_password)
return self._pool
def _get_connection(self, bind=None, passwd=None):
if bind is None:
bind = self.bind
if passwd is None:
passwd = self.passwd
if self.use_pool:
# let's try to recycle an existing one
conn = self._match(bind, passwd)
if conn is not None:
return conn
# the pool is full
if len(self._pool) >= self.size:
raise MaxConnectionReachedError(self.uri)
# we need to create a new connector
conn = self._create_connector(bind, passwd)
# adding it to the pool
if self.use_pool:
with self._pool_lock:
self._pool.append(conn)
else:
# with no pool, the connector is always active
conn.active = True
return conn
If 'use_auth_pool' is not enabled, then connection pooling is not used for
those LDAP operations.
Note, the python-ldap API requires all string attribute values to be UTF-8
encoded. The KeystoneLDAPHandler enforces this prior to invoking the
methods in this class.
Note, in python-ldap some fields (DNs, RDNs, attribute names, queries)
are represented as text (str on Python 3, unicode on Python 2 when
bytes_mode=False). For more details see:
http://www.python-ldap.org/en/latest/bytes_mode.html#bytes-mode
"""
# Added here to allow override for testing
Connector = ldappool.StateConnector
auth_pool_prefix = 'auth_pool_'
connection_pools = {} # static connector pool dict
def __init__(self, conn=None, use_auth_pool=False):
super(PooledLDAPHandler, self).__init__(conn=conn)
self.who = ''
self.cred = ''
self.conn_options = {} # connection specific options
self.page_size = None
self.use_auth_pool = use_auth_pool
self.conn_pool = None
def connect(self, url, page_size=0, alias_dereferencing=None,
use_tls=False, tls_cacertfile=None, tls_cacertdir=None,
tls_req_cert=ldap.OPT_X_TLS_DEMAND, chase_referrals=None,
def __init__(self, uri, bind=None, passwd=None, size=10, retry_max=3,
retry_delay=.1, use_tls=False, timeout=-1,
connector_cls=StateConnector, use_pool=True,
max_lifetime=600):
self._pool = []
self.size = size
self.retry_max = retry_max
self.retry_delay = retry_delay
self.uri = uri
self.bind = bind
self.passwd = passwd
self._pool_lock = RLock()
self.use_tls = use_tls
self.timeout = timeout
self.connector_cls = connector_cls
self.use_pool = use_pool
self.max_lifetime = max_lifetime