Branch 'pykolab-0.5' - 5 commits - configure.ac conf/kolab.conf pykolab/auth saslauthd/__init__.py
Jeroen van Meeuwen
vanmeeuwen at kolabsys.com
Wed Oct 23 16:56:58 CEST 2013
conf/kolab.conf | 4 ++++
configure.ac | 2 +-
pykolab/auth/__init__.py | 2 +-
pykolab/auth/ldap/__init__.py | 20 ++++++++++++++++++--
saslauthd/__init__.py | 9 ++++++++-
5 files changed, 32 insertions(+), 5 deletions(-)
New commits:
commit ce6a2744df9d0c408d7747bfbcd6f48a47824f40
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Wed Oct 23 12:53:24 2013 +0200
Bump release to 0.5.15
diff --git a/configure.ac b/configure.ac
index 6468fc5..2cc61a4 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-AC_INIT([pykolab], 0.5.14)
+AC_INIT([pykolab], 0.5.15)
AC_SUBST([RELEASE], 1)
AC_CONFIG_SRCDIR(pykolab/constants.py.in)
commit e1c7a521dcedb61135be23ed37bbfe762812f4a4
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Wed Oct 23 12:51:48 2013 +0200
Add the supported_controls setting to the [ldap] section
diff --git a/conf/kolab.conf b/conf/kolab.conf
index 1f49494..6e8747e 100644
--- a/conf/kolab.conf
+++ b/conf/kolab.conf
@@ -26,6 +26,10 @@ sync_interval = 300
; The URI to LDAP
ldap_uri = ldap://localhost:389
+; A list of integers containing supported controls, to increase the efficiency
+; of individual short-lived connections with LDAP.
+supported_controls = 0,2,3
+
; The base dn for the deployment. Note that this is the highest level in the
; tree Kolab will ever go. Should your OU structure allow it, you could set this
; to ou=Kolab,ou=Not-So-Private,dc=example,dc=org.
commit 4e0f2935fbd85e7ba235d2f10a5dedefac066856
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Wed Sep 18 14:36:10 2013 +0100
Avoid duplicating the search for a domain root dn / domain connection
diff --git a/pykolab/auth/__init__.py b/pykolab/auth/__init__.py
index 9a5c262..1ae82e2 100644
--- a/pykolab/auth/__init__.py
+++ b/pykolab/auth/__init__.py
@@ -181,7 +181,7 @@ class Auth(pykolab.base.Base):
"""
Find one or more entries corresponding to the recipient address.
"""
- if not domain == None:
+ if not domain == None and not self.domain == domain:
self.connect(domain=domain)
result = self._auth.find_recipient(address)
commit 141606a63cb6561e548a4839b998c2103b145377
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Fri Sep 20 15:03:08 2013 +0100
Increase the efficiency of three frequently used queries:
- The search for recipients does not have to include the nsuniqueid attribute,
- Not all domains list have to include all domains,
- There's no need to search for supported controls if we already know what controls are supported.
diff --git a/pykolab/auth/ldap/__init__.py b/pykolab/auth/ldap/__init__.py
index b1b01bb..f90add1 100644
--- a/pykolab/auth/ldap/__init__.py
+++ b/pykolab/auth/ldap/__init__.py
@@ -345,7 +345,12 @@ class LDAP(pykolab.base.Base):
kolab_filter = self._kolab_filter()
recipient_address_attrs = self.config_get_list("mail_attributes")
- result_attributes = recipient_address_attrs
+
+ result_attributes = []
+
+ for recipient_address_attr in recipient_address_attrs:
+ result_attributes.append(recipient_address_attr)
+
result_attributes.append(self.config_get('unique_attribute'))
_filter = "(|"
@@ -1640,7 +1645,7 @@ class LDAP(pykolab.base.Base):
return _filter
- def _list_domains(self):
+ def _list_domains(self, domain=None):
"""
Find the domains related to this Kolab setup, and return a list of
DNS domain names.
@@ -1668,6 +1673,9 @@ class LDAP(pykolab.base.Base):
# If we haven't returned already, let's continue searching
domain_filter = conf.get('ldap', 'domain_filter')
+ if not domain == None:
+ domain_filter = domain_filter.replace('*', domain)
+
if domain_base_dn == None or domain_filter == None:
return []
@@ -2133,6 +2141,14 @@ class LDAP(pykolab.base.Base):
the first one supported.
"""
+ supported_controls = conf.get_list('ldap', 'supported_controls')
+
+ if not supported_controls == None and not len(supported_controls) < 1:
+ for control_num in [(int)(x) for x in supported_controls]:
+ self.ldap.supported_controls.append(
+ SUPPORTED_LDAP_CONTROLS[control_num]['func']
+ )
+
if len(self.ldap.supported_controls) < 1:
for control_num in SUPPORTED_LDAP_CONTROLS.keys():
log.debug(
commit 468557e3799b647c3b444ff7c7f8eac07fa55c18
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Wed Jul 31 20:25:04 2013 +0100
Catch LDAP errors
diff --git a/saslauthd/__init__.py b/saslauthd/__init__.py
index 933b81d..6ef7eb2 100644
--- a/saslauthd/__init__.py
+++ b/saslauthd/__init__.py
@@ -194,7 +194,14 @@ class SASLAuthDaemon(object):
auth = Auth(domain=realm)
auth.connect()
- if auth.authenticate(login):
+ success = False
+
+ try:
+ success = auth.authenticate(login)
+ except:
+ success = False
+
+ if success:
# #1170: Catch broken pipe error (incomplete authentication request)
try:
clientsocket.send(struct.pack("!H2s", 2, "OK"))
More information about the commits
mailing list