本文整理汇总了Python中ldap.OPT_X_TLS_REQUIRE_CERT属性的典型用法代码示例。如果您正苦于以下问题:Python ldap.OPT_X_TLS_REQUIRE_CERT属性的具体用法?Python ldap.OPT_X_TLS_REQUIRE_CERT怎么用?Python ldap.OPT_X_TLS_REQUIRE_CERT使用的例子?那么, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类ldap
的用法示例。
在下文中一共展示了ldap.OPT_X_TLS_REQUIRE_CERT属性的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_ldap_connect_ldap_start_tls
# 需要导入模块: import ldap [as 别名]
# 或者: from ldap import OPT_X_TLS_REQUIRE_CERT [as 别名]
def test_ldap_connect_ldap_start_tls(self, mock_set_option):
try:
ldapobj = self.mockldap['ldap://testserver.domain.tld']
result = _do_simple_bind('cn=manager,dc=example,dc=com', 'ldaptest',
uri='ldap://testserver.domain.tld',
use_tls=True)
self.assertEquals(ldapobj.methods_called(),
self.connect_methods + ['start_tls_s',
'simple_bind_s', 'whoami_s', 'unbind'])
mock_set_option.assert_has_calls(
[
mock.call(ldap.OPT_X_TLS, ldap.OPT_X_TLS_DEMAND),
mock.call(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER),
])
self.assertTrue(result)
finally:
del ldapobj
示例2: test_ldap_connect_ldaps
# 需要导入模块: import ldap [as 别名]
# 或者: from ldap import OPT_X_TLS_REQUIRE_CERT [as 别名]
def test_ldap_connect_ldaps(self, mock_set_option):
try:
ldapobj = self.mockldap['ldaps://testserver.domain.tld']
result = _do_simple_bind('cn=manager,dc=example,dc=com', 'ldaptest',
uri='ldaps://testserver.domain.tld')
self.assertEquals(ldapobj.methods_called(),
self.connect_methods + ['simple_bind_s', 'whoami_s', 'unbind'])
mock_set_option.assert_has_calls(
[
mock.call(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER),
])
self.assertTrue(result)
finally:
del ldapobj
示例3: get_ldap_client
# 需要导入模块: import ldap [as 别名]
# 或者: from ldap import OPT_X_TLS_REQUIRE_CERT [as 别名]
def get_ldap_client(self, user=None, password=None):
uri = self.plugin_settings().get(["uri"])
if not uri:
self._logger.debug("No LDAP URI")
return None
if not user:
user = self.plugin_settings().get(["auth_user"])
password = self.plugin_settings().get(["auth_password"])
try:
self._logger.debug("Initializing LDAP connection to %s" % uri)
client = ldap.initialize(uri)
if self.plugin_settings().get(["request_tls_cert"]):
self._logger.debug("Requesting TLS certificate")
client.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_DEMAND)
else:
client.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
if user is not None:
self._logger.debug("Binding to LDAP as %s" % user)
client.bind_s(user, password)
return client
except ldap.INVALID_CREDENTIALS:
self._logger.error("Invalid credentials to bind to LDAP as %s" % user)
except ldap.LDAPError as e:
self._logger.error(json.dumps(e.message))
return None
示例4: _connect
# 需要导入模块: import ldap [as 别名]
# 或者: from ldap import OPT_X_TLS_REQUIRE_CERT [as 别名]
def _connect(self):
"""Initialize an ldap client"""
ldap_client = ldap.initialize(self.uri)
ldap.set_option(ldap.OPT_REFERRALS, 0)
ldap.set_option(ldap.OPT_TIMEOUT, self.timeout)
if self.starttls == 'on':
ldap.set_option(ldap.OPT_X_TLS_DEMAND, True)
else:
ldap.set_option(ldap.OPT_X_TLS_DEMAND, False)
# set the CA file if declared and if necessary
if self.ca and self.checkcert == 'on':
# check if the CA file actually exists
if os.path.isfile(self.ca):
ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, self.ca)
else:
raise CaFileDontExist(self.ca)
if self.checkcert == 'off':
# this is dark magic
# remove any of these two lines and it doesn't work
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
ldap_client.set_option(
ldap.OPT_X_TLS_REQUIRE_CERT,
ldap.OPT_X_TLS_NEVER
)
else:
# this is even darker magic
ldap_client.set_option(
ldap.OPT_X_TLS_REQUIRE_CERT,
ldap.OPT_X_TLS_DEMAND
)
# it doesn't make sense to set it to never
# (== don't check certifate)
# but it only works with this option...
# ... and it checks the certificat
# (I've lost my sanity over this)
ldap.set_option(
ldap.OPT_X_TLS_REQUIRE_CERT,
ldap.OPT_X_TLS_NEVER
)
if self.starttls == 'on':
try:
ldap_client.start_tls_s()
except Exception as e:
self._exception_handler(e)
return ldap_client