
Allow for DN's to have {x} prefix on first RDN (#5450)

* Allow for DN's to have {x} prefix on first RDN

* Update changelogs/fragments/5450-allow-for-xordered-dns.yaml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Assign attrs to throw-away var

* Update plugins/module_utils/ldap.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Escape DN before creating filter

Co-authored-by: Felix Fontein <felix@fontein.de>
Martin 2022-11-05 12:43:28 +01:00 committed by GitHub
parent 8dc82b1890
commit ee39fd5c90
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 25 additions and 1 deletions


@ -0,0 +1,2 @@
minor_changes:
- ldap_attrs - allow for DNs to have ``{x}`` prefix on first RDN (https://github.com/ansible-collections/community.general/issues/977, https://github.com/ansible-collections/community.general/pull/5450).


@ -15,6 +15,8 @@ from ansible.module_utils.common.text.converters import to_native
try: try:
import ldap import ldap
import ldap.dn
import ldap.filter
import ldap.sasl import ldap.sasl
HAS_LDAP = True HAS_LDAP = True
@ -48,7 +50,6 @@ class LdapGeneric(object):
self.module = module self.module = module
self.bind_dn = self.module.params['bind_dn'] self.bind_dn = self.module.params['bind_dn']
self.bind_pw = self.module.params['bind_pw'] self.bind_pw = self.module.params['bind_pw']
self.dn = self.module.params['dn']
self.referrals_chasing = self.module.params['referrals_chasing'] self.referrals_chasing = self.module.params['referrals_chasing']
self.server_uri = self.module.params['server_uri'] self.server_uri = self.module.params['server_uri']
self.start_tls = self.module.params['start_tls'] self.start_tls = self.module.params['start_tls']
@ -58,6 +59,9 @@ class LdapGeneric(object):
# Establish connection # Establish connection
self.connection = self._connect_to_ldap() self.connection = self._connect_to_ldap()
# Try to find the X_ORDERed version of the DN
self.dn = self._find_dn()
def fail(self, msg, exn): def fail(self, msg, exn):
self.module.fail_json( self.module.fail_json(
msg=msg, msg=msg,
@ -65,6 +69,24 @@ class LdapGeneric(object):
exception=traceback.format_exc() exception=traceback.format_exc()
) )
def _find_dn(self):
dn = self.module.params['dn']
explode_dn = ldap.dn.explode_dn(dn)
if len(explode_dn) > 1:
try:
escaped_value = ldap.filter.escape_filter_chars(explode_dn[0])
filterstr = "(%s)" % escaped_value
dns = self.connection.search_s(','.join(explode_dn[1:]),
ldap.SCOPE_ONELEVEL, filterstr)
if len(dns) == 1:
dn, dummy = dns[0]
except Exception:
pass
return dn
def _connect_to_ldap(self): def _connect_to_ldap(self):
if not self.verify_cert: if not self.verify_cert:
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER) ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
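Review bot: The `except Exception: pass` in `_find_dn` hides every failure of the lookup search, including permission, referral or connection errors from `search_s`, and the module then proceeds on the DN as typed with no indication that the X-ORDERED lookup was skipped. Narrowing it to `except ldap.LDAPError:` and reporting the fallback (for example through `self.module.debug(...)`) would keep the best-effort behaviour while leaving unexpected errors visible. `ldap.dn.explode_dn(dn)` sits outside the `try`, so a malformed `dn` presumably raises from the constructor as a raw traceback rather than going through `self.fail(...)`. A single search result can, as far as python-ldap's result format goes, also be a referral entry whose DN is `None`, so `if len(dns) == 1 and dns[0][0] is not None:` would be a safer guard before overwriting `dn`.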