annotate env/ldap/bind.lua @ 1321:a0d6c347ce7f
Configureable text when rejected because of age
author |
bsw |
date |
Wed Aug 01 18:05:18 2018 +0200 (2018-08-01) |
parents |
58f48a8a202a |
children |
35e605322b41 |
rev |
line source |
bsw@1071
|
1 -- binds to configured LDAP server
|
bsw@1071
|
2 -- --------------------------------------------------------------------------
|
bsw@1071
|
3 -- omit arguments for anonymous bind
|
bsw@1071
|
4 --
|
bsw@1071
|
5 -- arguments:
|
bsw@1071
|
6 -- dn: the distinguished name to be used for binding (string)
|
bsw@1071
|
7 -- password: password credentials (string)
|
bsw@1071
|
8 --
|
bsw@1071
|
9 -- returns:
|
bsw@1071
|
10 -- ldap: in case of success, an LDAP connection handle
|
bsw@1071
|
11 -- err: in case of an error, an error code (string)
|
bsw@1071
|
12 -- err2: error dependent extra error information
|
bsw@1071
|
13
|
bsw@1071
|
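function ldap.bind(dn, password)

  local libldap = require("mldap")

  -- A DN combined with a missing or empty password is an "unauthenticated
  -- bind" (RFC 4513, section 5.1.2). A server that permits it reports success
  -- without checking any password, so a caller that uses this function to
  -- verify a login would accept a blank password. Only a bind without a DN
  -- is treated as anonymous; a DN without a password is rejected here, before
  -- any server is contacted, with the same error code as a failed login.
  if dn ~= nil and dn ~= "" and (password == nil or password == "") then
    return nil, "invalid_credentials"
  end

  local hostlist = ldap.get_hosts()

  -- Try the configured hosts in order until one bind succeeds or no host
  -- entry is left. The list is walked by index, so the table returned by
  -- ldap.get_hosts() is not modified.
  -- The handle is named "conn" so that it does not shadow the ldap table.
  local conn
  local index = 0
  while not conn do

    index = index + 1
    local host = hostlist[index]
    if host == nil then
      break
    end

    -- All three results stay local; errno must not leak into the global
    -- environment, where a later call could read a stale value.
    local err, errno
    conn, err, errno = libldap.bind{
      uri = host.uri,
      timeout = host.timeout,
      who = dn,
      password = password
    }

    if not err and conn then
      return conn, nil
    end

    -- Look up the entry of libldap.errorcodes for the numeric code; it is
    -- passed on as the extra error information.
    local errno_string
    if errno then
      errno_string = libldap.errorcodes[errno]
    end

    -- Rejected credentials are final: report them at once instead of
    -- presenting the same DN and password to the remaining hosts.
    if errno == libldap.errorcodes.invalid_credentials then
      return nil, "invalid_credentials", errno_string
    end

    -- Any other failure falls through to the next host in the list.
  end

  return nil, "cant_contact_ldap_server"

end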
|