diff --git a/.travis.yml b/.travis.yml index 57ca2c3fa..c93003be5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -40,7 +40,8 @@ install: - wget -O - https://spritelink.github.io/NIPAP/nipap.gpg.key | sudo apt-key add - - sudo apt-get update -qq # install dependencies for installing & running nipap - - sudo apt-get install -qq -y --force-yes python-pysqlite2 python-psycopg2 python-ipy python-ldap python-docutils postgresql postgresql-9.1-ip4r python-tornado python-flask python-flask-xml-rpc python-flask-compress + - sudo apt-get install -qq -y --force-yes python-pysqlite2 python-psycopg2 python-ipy python-docutils postgresql postgresql-9.1-ip4r python-tornado python-flask python-flask-xml-rpc python-flask-compress + - sudo pip install python3-ldap # install dependencies for building packages and build NIPAP debian packages - sudo apt-get install -qq -y --force-yes devscripts python-docutils # if we are testing the upgrade, first install NIPAP packages from official repo diff --git a/docs/sphinx/conf.py b/docs/sphinx/conf.py index 0629dad5a..74048ee44 100644 --- a/docs/sphinx/conf.py +++ b/docs/sphinx/conf.py @@ -217,7 +217,7 @@ def __getattr__(cls, name): else: return Mock() - MOCK_MODULES = ['ldap', 'IPy', 'psycopg2.extras', 'psycopg2'] + MOCK_MODULES = ['ldap3', 'IPy', 'psycopg2.extras', 'psycopg2'] for mod_name in MOCK_MODULES: sys.modules[mod_name] = Mock() diff --git a/nipap/debian/control b/nipap/debian/control index 950cf1aa2..697f59ee3 100644 --- a/nipap/debian/control +++ b/nipap/debian/control @@ -8,7 +8,7 @@ Standards-Version: 3.9.1 Package: nipap-common Architecture: all -Depends: python (>= 2.7), ${misc:Depends}, python-pysqlite2, python-ldap, python-ipy +Depends: python (>= 2.7), ${misc:Depends}, python-pysqlite2, python-ipy Description: Neat IP Address Planner The Neat IP Address Planner, NIPAP, is a system built for efficiently managing large amounts of IP addresses. This is the common libraries. diff --git a/nipap/nipap/authlib.py b/nipap/nipap/authlib.py index 1a31b3538..5effc6bf1 100644 --- a/nipap/nipap/authlib.py +++ b/nipap/nipap/authlib.py @@ -72,7 +72,7 @@ # Used by auth modules import sqlite3 -import ldap +import ldap3 import string import random @@ -298,7 +298,7 @@ def __init__(self, name, username, password, authoritative_source, auth_options= self._logger.debug('Creating LdapAuth instance') self._logger.debug('LDAP URI: ' + self._ldap_uri) - self._ldap_conn = ldap.initialize(self._ldap_uri) + self._ldap_conn = ldap3.Server(self._ldap_uri) @@ -314,29 +314,27 @@ def authenticate(self): return self._authenticated try: - self._ldap_conn.simple_bind_s('uid=' + self.username + ',' + self._ldap_basedn, self.password) - except ldap.SERVER_DOWN as exc: + with ldap3.Connection(self._ldap_conn, 'uid=' + self.username + ',' + self._ldap_basedn, self.password, raise_exceptions = True) as con: + res = con.search(self._ldap_basedn, '(uid=' + self.username + ')', ldap3.SEARCH_SCOPE_WHOLE_SUBTREE, attributes = ['cn'], size_limit = 1) + if (not res) or (not con.response): + self.full_name = '' + else: + self.full_name = con.response[0]['attributes']['cn'][0] + except ldap3.LDAPSocketOpenError as exc: raise AuthError('Could not connect to LDAP server') - except (ldap.INVALID_CREDENTIALS, ldap.INVALID_DN_SYNTAX, - ldap.UNWILLING_TO_PERFORM) as exc: + except (ldap3.LDAPInvalidCredentialsResult, ldap3.LDAPInvalidDNSyntaxResult, + ldap3.LDAPUnwillingToPerformResult) as exc: # Auth failed self._logger.debug('erroneous password for user %s' % self.username) self._authenticated = False return self._authenticated - # auth succeeded self.authenticated_as = self.username self._authenticated = True self.trusted = False self.readonly = False - try: - res = self._ldap_conn.search_s(self._ldap_basedn, ldap.SCOPE_SUBTREE, 'uid=' + self.username, ['cn']) - self.full_name = res[0][1]['cn'][0] - except: - self.full_name = '' - self._logger.debug('successfully authenticated as %s, username %s' % (self.authenticated_as, self.username)) return self._authenticated diff --git a/nipap/setup.py b/nipap/setup.py index d79989ef4..d0d2c12ed 100644 --- a/nipap/setup.py +++ b/nipap/setup.py @@ -49,7 +49,7 @@ def get_data_files(): url = nipap.__url__, packages = ['nipap'], keywords = ['nipap'], - requires = ['ldap', 'sqlite3', 'IPy', 'psycopg2'], + requires = ['ldap3', 'sqlite3', 'IPy', 'psycopg2'], data_files = get_data_files(), classifiers = [ 'Development Status :: 4 - Beta',