1
0
mirror of https://github.com/kakwa/ldapcherry synced 2024-11-25 10:44:30 +01:00

reverse because no effect + disable ssl unit test on travis

This commit is contained in:
kakwa 2015-06-18 00:23:00 +02:00
parent c75fd2c568
commit a8f1b7be59
2 changed files with 13 additions and 10 deletions

View File

@ -58,20 +58,20 @@ class Backend(ldapcherry.backend.Backend):
def _connect(self):
ldap_client = ldap.initialize(self.uri)
ldap.set_option(ldap.OPT_REFERRALS, 0)
ldap.set_option(ldap.OPT_TIMEOUT, self.timeout)
ldap_client.set_option(ldap.OPT_REFERRALS, 0)
ldap_client.set_option(ldap.OPT_TIMEOUT, self.timeout)
if self.starttls == 'on':
ldap.set_option(ldap.OPT_X_TLS_DEMAND, True)
ldap_client.set_option(ldap.OPT_X_TLS_DEMAND, True)
else:
ldap.set_option(ldap.OPT_X_TLS_DEMAND, False)
ldap_client.set_option(ldap.OPT_X_TLS_DEMAND, False)
if self.ca and self.checkcert == 'on':
ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, self.ca)
ldap_client.set_option(ldap.OPT_X_TLS_CACERTFILE, self.ca)
#else:
# ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, '')
# ldap_client.set_option(ldap.OPT_X_TLS_CACERTFILE, '')
if self.checkcert == 'off':
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_ALLOW)
ldap_client.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_ALLOW)
else:
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_DEMAND)
ldap_client.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_DEMAND)
if self.starttls == 'on':
try:
ldap_client.start_tls_s()

View File

@ -9,6 +9,7 @@ import sys
from sets import Set
from ldapcherry.backend.backendLdap import Backend, DelUserDontExists
from ldapcherry.exceptions import *
from disable import travis_disabled
import cherrypy
import logging
import ldap
@ -45,6 +46,7 @@ class TestError(object):
inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
return True
@travis_disabled
def testConnectSSLNoCheck(self):
cfg2 = cfg.copy()
cfg2['uri'] = 'ldaps://ldap.ldapcherry.org:637'
@ -59,6 +61,7 @@ class TestError(object):
ldap.simple_bind_s(inv.binddn, inv.bindpassword)
return True
@travis_disabled
def testConnectSSL(self):
cfg2 = cfg.copy()
cfg2['uri'] = 'ldaps://ldap.dnscherry.org:637'
@ -80,6 +83,7 @@ class TestError(object):
else:
raise AssertionError("expected an exception")
@travis_disabled
def testConnectSSLWrongCA(self):
cfg2 = cfg.copy()
cfg2['uri'] = 'ldaps://ldap.ldapcherry.org:637'
@ -92,6 +96,7 @@ class TestError(object):
except ldap.SERVER_DOWN as e:
assert e[0]['info'] == 'TLS: hostname does not match CN in peer certificate'
@travis_disabled
def testConnectStartTLS(self):
cfg2 = cfg.copy()
cfg2['uri'] = 'ldap://ldap.ldapcherry.org:390'
@ -105,8 +110,6 @@ class TestError(object):
except ldap.SERVER_DOWN as e:
assert e[0]['info'] == 'TLS: hostname does not match CN in peer certificate'
def testAuthSuccess(self):
inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
return True