From michael at stroeder.com Sat Jan 18 21:07:15 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Sat, 18 Jan 2003 21:07:15 +0100 Subject: Mem leaks in current Message-ID: <3E29B3F3.4050405@stroeder.com> HI! Could someone with C knowledge please volunteer checking for mem leaks in l_ldap_search_ext() (see LDAPObject.c in CVS)? Ciao, Michael. From Frank.Elsner at rz.uni-osnabrueck.de Thu Jan 23 11:16:02 2003 From: Frank.Elsner at rz.uni-osnabrueck.de (Elsner) Date: Thu, 23 Jan 2003 11:16:02 +0100 Subject: Lib/ldap.py missing - strange error message ... Message-ID: <5.1.0.14.1.20030123111317.02b5e488@imap.rz.uni-osnabrueck.de> Trying to build, I get the following warnings: [root at fleance python-ldap-2.0.0pre06]# python2 setup.py build running build running build_py warning: build_py: file Lib/ldap.py (for module ldap) not found warning: build_py: file Lib/ldap/schema.py (for module ldap.schema) not found not copying Lib/ldap/__init__.py (output up-to-date) not copying Lib/ldap/async.py (output up-to-date) not copying Lib/ldap/cidict.py (output up-to-date) not copying Lib/ldap/functions.py (output up-to-date) not copying Lib/ldap/sasl.py (output up-to-date) not copying Lib/ldap/schema/__init__.py (output up-to-date) not copying Lib/ldap/schema/tokenizer.py (output up-to-date) not copying Lib/ldap/schema/models.py (output up-to-date) not copying Lib/ldap/schema/subentry.py (output up-to-date) not copying Lib/ldap/ldapobject.py (output up-to-date) not copying Lib/ldap/modlist.py (output up-to-date) not copying Lib/ldapurl.py (output up-to-date) not copying Lib/ldif.py (output up-to-date) warning: build_py: file Lib/ldap.py (for module ldap) not found warning: build_py: file Lib/ldap/schema.py (for module ldap.schema) not found running build_ext skipping '_ldap' extension (up-to-date) ---- Lib/ldap.py does not exist, anyway. Could you explain if this is an error or a feature. Python2 is installed and working, OpenLDAP 2.12 is installed, too. Regards Frank Elsner # From michael at stroeder.com Thu Jan 23 11:24:56 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Thu, 23 Jan 2003 11:24:56 +0100 Subject: Lib/ldap.py missing - strange error message ... In-Reply-To: <5.1.0.14.1.20030123111317.02b5e488@imap.rz.uni-osnabrueck.de> References: <5.1.0.14.1.20030123111317.02b5e488@imap.rz.uni-osnabrueck.de> Message-ID: <3E2FC2F8.1040807@stroeder.com> Elsner wrote: > warning: build_py: file Lib/ldap.py (for module ldap) not found > warning: build_py: file Lib/ldap/schema.py (for module ldap.schema) not > found ldap and ldap.schema are both module packages (directories containing various sub-modules). The messages above are falsely produced by DistUtils. Don't worry about it. Just try if it works after install: $ python -c "import ldap,ldap.schema;print ldap.__version__" Ciao, Michael. From astreib at indiana.edu Mon Feb 10 16:35:04 2003 From: astreib at indiana.edu (Allan Streib) Date: Mon, 10 Feb 2003 10:35:04 -0500 Subject: incompatibility with pypgsql? Message-ID: <399260D8-3D0D-11D7-9300-000393033826@indiana.edu> Wondering if anyone has noted the following problem: import ldap from pyPgSQL import libpq . . . c = libpq.PQconnectdb(host, dbname, user, password) Segmentation fault. This is with pypgsql 2.2 and python-ldap-2.0.0-pre06. The problem does not occur with python-ldap-2.0.0-pre04. I did a "full featured" build of -pre06 (except for ldap_r) with openldap 2.0.23, contrary to the README instructions to use 2.0.26+, so that may be the problem. Odd that it is affecting another library, though. Allan From michael at stroeder.com Mon Feb 10 16:58:15 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Mon, 10 Feb 2003 16:58:15 +0100 Subject: incompatibility with pypgsql? In-Reply-To: <399260D8-3D0D-11D7-9300-000393033826@indiana.edu> References: <399260D8-3D0D-11D7-9300-000393033826@indiana.edu> Message-ID: <3E47CC17.9000800@stroeder.com> Allan Streib wrote: > Wondering if anyone has noted the following problem: > > import ldap > from pyPgSQL import libpq > [..] > c = libpq.PQconnectdb(host, dbname, user, password) > Segmentation fault. > > This is with pypgsql 2.2 and python-ldap-2.0.0-pre06. Note sure if that helps but please check an old message appended below. > The problem does not occur with python-ldap-2.0.0-pre04. Are you sure that there's not library mix of 2.0.0pre04 and pre06? Watch out for _ldap.so (pre06) and _ldapmodule.so (pre04). You have to remove _ldapmodule.so. Check if you have Ciao, Michael. -------- Original Message -------- Subject: python-ldap and --with-pymalloc Date: Sun, 18 Nov 2001 17:09:17 +0100 From: Michael Str?der Reply-To: michael at stroeder.com Organization: stroeder.com To: python-ldap-dev HI! It seems that I found the solution why python-ldap was seg faulting with my Python 2.1 installation. It was compiled with configuration option --with-pymalloc. Without this option python-ldap runs fine with Python 2.1.1 and 2.2b2. :-) Can somebody with C knowledge dig into that? At least python-ldap build should failed if the Python interpreter was built with --with-pymalloc. Ciao, Michael. From astreib at indiana.edu Mon Feb 10 18:15:23 2003 From: astreib at indiana.edu (Allan Streib) Date: Mon, 10 Feb 2003 12:15:23 -0500 Subject: incompatibility with pypgsql? In-Reply-To: <3E47CC17.9000800@stroeder.com> Message-ID: <3D88D37C-3D1B-11D7-9300-000393033826@indiana.edu> On Monday, February 10, 2003, at 10:58 AM, Michael Str?der wrote: > Watch out for _ldap.so (pre06) and _ldapmodule.so (pre04). You have to > remove _ldapmodule.so. find(1) reveals only _ldap.so # find / -name _ldap\*.so /usr/local/lib/python2.2/site-packages/_ldap.so /usr/local/src/python-ldap-2.0.0pre06/build/lib.linux-i686-2.2/_ldap.so /usr/local/src/python-ldap-2.0.0pre04/build/lib.linux-i686-2.2/_ldap.so (Currently I have the -pre04 installed) Allan From astreib at indiana.edu Tue Feb 11 05:19:56 2003 From: astreib at indiana.edu (Allan Streib) Date: Mon, 10 Feb 2003 23:19:56 -0500 (US Eastern Standard Time) Subject: incompatibility with pypgsql? In-Reply-To: <3E47CC17.9000800@stroeder.com> References: <399260D8-3D0D-11D7-9300-000393033826@indiana.edu> <3E47CC17.9000800@stroeder.com> Message-ID: On Mon, 10 Feb 2003, [ISO-8859-1] Michael Str?der wrote: > Allan Streib wrote: > > Wondering if anyone has noted the following problem: > > > > import ldap > > from pyPgSQL import libpq > > [..] > > c = libpq.PQconnectdb(host, dbname, user, password) > > Segmentation fault. > > > > This is with pypgsql 2.2 and python-ldap-2.0.0-pre06. > > Note sure if that helps but please check an old message appended below. Just thought I'd let everyone know that the segmentation fault described above does not occur if I build python-ldap using the openldap 2.0.27 libs. I still don't understand why this is causing a segfault in pypgsql but perhaps something in the openldap 2.0.23 libs is overwriting something that happens to be in pypgsql's space, and this problem has been fixed in the 2.0.27 openldap libs. Allan From astreib at indiana.edu Tue Feb 11 05:04:21 2003 From: astreib at indiana.edu (Allan Streib) Date: Mon, 10 Feb 2003 23:04:21 -0500 (US Eastern Standard Time) Subject: trouble with ldap_r Message-ID: Trying to build -pre06, with the following in setup.cfg: libs = ldap_r lber sasl ssl crypto Once built, I try to test it by firing up python (working dir build/lib.linux-i686-2.2/) and importing ldap. My session looks like: Python 2.2.1 (#1, May 14 2002, 16:46:46) [GCC 2.96 20000731 (Red Hat Linux 7.1 2.96-98)] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> import ldap Traceback (most recent call last): File "", line 1, in ? File "ldap/__init__.py", line 21, in ? from _ldap import * ImportError: /usr/kerberos/lib/libk5crypto.so.3: shared object not open I saw this previously and thought it might be that I was using openldap-2.0.23, contrary to advice in the README file. So I built 2.0.27 and used those libraries to build python-ldap-2.0.0-pre06 Looking at ldd output for _ldap.so, it seems to be finding everything: $ ldd _ldap.so libldap_r.so.2 => /home/astreib/seg/openldap-2.0.27/libraries/libldap_r/.libs/libldap_r.so.2 (0x4000f000) liblber.so.2 => /home/astreib/seg/openldap-2.0.27/libraries/liblber/.libs/liblber.so.2 (0x40040000) libsasl.so.7 => /usr/local/lib/libsasl.so.7 (0x4004b000) libssl.so.0.9.6 => /usr/lib/libssl.so.0.9.6 (0x4005e000) libcrypto.so.0.9.6 => /usr/lib/libcrypto.so.0.9.6 (0x4008b000) libc.so.6 => /lib/libc.so.6 (0x40142000) libkrb4.so.2 => /usr/kerberos/lib/libkrb4.so.2 (0x40278000) libdes425.so.3 => /usr/kerberos/lib/libdes425.so.3 (0x4028c000) libkrb5.so.3 => /usr/kerberos/lib/libkrb5.so.3 (0x40290000) libk5crypto.so.3 => /usr/kerberos/lib/libk5crypto.so.3 (0x402e9000) libcom_err.so.3 => /usr/kerberos/lib/libcom_err.so.3 (0x402fa000) libdb-4.0.so => /usr/local/BerkeleyDB.4.0/lib/libdb-4.0.so (0x402fd000) libdl.so.2 => /lib/libdl.so.2 (0x40389000) libcrypt.so.1 => /lib/libcrypt.so.1 (0x4038d000) libpam.so.0 => /lib/libpam.so.0 (0x403ba000) libgssapi_krb5.so.2 => /usr/kerberos/lib/libgssapi_krb5.so.2 (0x403c3000) libresolv.so.2 => /lib/libresolv.so.2 (0x403d6000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x80000000) Can anyone shed any light on what exactly the error "shared object not open" means? If I specify ldap instead of ldap_r in my setup.cfg libs, I do not get this error on import ldap. Allan From michael at stroeder.com Wed Feb 12 00:05:48 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Wed, 12 Feb 2003 00:05:48 +0100 Subject: trouble with ldap_r In-Reply-To: References: Message-ID: <3E4981CC.3060805@stroeder.com> Allan Streib wrote: > Trying to build -pre06, with the following in setup.cfg: > > libs = ldap_r lber sasl ssl crypto > [..] > ImportError: /usr/kerberos/lib/libk5crypto.so.3: shared object not open > [..] > I saw this previously and thought it might be that I was using > openldap-2.0.23, contrary to advice in the README file. So I built 2.0.27 > and used those libraries to build python-ldap-2.0.0-pre06 > > Looking at ldd output for _ldap.so, it seems to be finding > everything: Try to play with LD_LIBRARY_PATH or add /usr/kerberos/lib to /etc/ld.so.conf. > If I specify ldap instead of ldap_r in my setup.cfg libs, I do not get > this error on import ldap. I'm not even sure if libldap_r of OpenLDAP 2.0.x works well with your Kerberos setup. Is it Heimdal? I would consider libldap_r of OpenLDAP 2.1.x to be more mature. But not sure if that solves *your* problem. Ciao, Michael < From michael at stroeder.com Mon Feb 17 20:34:53 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Mon, 17 Feb 2003 20:34:53 +0100 Subject: problem with sasl_bind_s in ReconnectLDAPObject In-Reply-To: <0E8B7A38-3DF2-11D7-AA34-000393033826@indiana.edu> References: <0E8B7A38-3DF2-11D7-AA34-000393033826@indiana.edu> Message-ID: <3E51395D.1080201@stroeder.com> Allan Streib wrote: > > AttributeError: ReconnectLDAPObject has no attribute '_store_last_bind' Thanks for catching this. > I have found that the following change seems to result in the correct > functionality. Your patch is in CVS now (together with support for ReconnectLDAPObject.search_ext_s()). Ciao, Michael. From astreib at indiana.edu Tue Feb 11 19:53:06 2003 From: astreib at indiana.edu (Allan Streib) Date: Tue, 11 Feb 2003 13:53:06 -0500 Subject: problem with sasl_bind_s in ReconnectLDAPObject Message-ID: <0E8B7A38-3DF2-11D7-AA34-000393033826@indiana.edu> In python-ldap-2.0.0pre06, attempting to use sasl_bind_s in the a ReconnectLDAPObject, I received the following error: AttributeError: ReconnectLDAPObject has no attribute '_store_last_bind' I have found that the following change seems to result in the correct functionality. There may be a more elegant solution.... --- ldapobject.py.orig Tue Feb 11 13:34:46 2003 +++ ldapobject.py Tue Feb 11 11:25:38 2003 @@ -672,7 +672,10 @@ def _apply_last_bind(self): if self._last_bind!=None: func,args,kwargs = self._last_bind - apply(func,args,kwargs) + if kwargs: + apply(func,args,kwargs) + else: + apply(func,args) def _restore_options(self): """Restore all recorded options""" @@ -741,7 +744,7 @@ """ sasl_bind_s(who, auth) -> None """ - self._store_last_bind(self.sasl_bind_s,who,auth) + self._last_bind = (self.sasl_bind_s,(who,auth),{}) return self._ldap_call(self._l.sasl_bind_s,who,auth) def add_s(self,*args,**kwargs): From rnaidu at zeomega.com Tue Feb 18 10:26:06 2003 From: rnaidu at zeomega.com (Rakesh Naidu) Date: Tue, 18 Feb 2003 14:56:06 +0530 Subject: bind zope owner to ldap directory References: <8122C866-11C3-11D7-8885-0003939EFEBC@zope.com> Message-ID: <006501c2d72f$c3d5d200$3b01a8c0@zeomega.org> hello jens, i was able to import the ldap client(LDAPUserFolder) in to zope managament iinterface...and now i have set the server name etc to the proper values.... now, the user that owns zope needs to be authernticated with ldap to the required directory....how to bind the user to the particular directory...so that authentication happens from zope, using the client ldapuserfolder..... please let me know if you need any more details in specific.... regards, rakesh.... ----- Original Message ----- From: "Jens Vagelpohl" To: "python-ldap" Sent: Tuesday, December 17, 2002 6:59 PM Subject: Re: error installing ldapmodule1.8 well thank you michael ;) On Tuesday, Dec 17, 2002, at 06:22 US/Eastern, Michael Str?der wrote: > Rakesh Naidu wrote: >> michael...can u throw some light on this error..... >> 2002-12-17T10:50:45 ERROR(200) Zope Could not import >> Products.LDAPUserFolder >> Traceback (innermost last): >> [..] >> ImportError: No module named ldap > > This was recently discussed here. I've attached a posting by Jens > before he has to repeat it. > > Furthermore you can search the mailing list archive for 'Zope'. > > Ciao, Michael > > -------- Original Message -------- > Subject: Re: Problems importing ldap in Zope > Date: Fri, 29 Nov 2002 20:12:57 -0500 > From: Jens Vagelpohl > To: Jorge Loureiro Dias > CC: python-ldap-dev at lists.sourceforge.net > > this problem has nothing to do with zope. the ldap module zope is > trying to import is messed up. the one zope is trying to import is most > likely not the same one that gets imported if you run python itself > from the command line. > > you need to locate the exact python binary zope uses and rebuild the > python-ldap module with that binary. > > jens > > > > From jens at zope.com Tue Feb 18 19:11:26 2003 From: jens at zope.com (Jens Vagelpohl) Date: Tue, 18 Feb 2003 13:11:26 -0500 Subject: bind zope owner to ldap directory In-Reply-To: <006501c2d72f$c3d5d200$3b01a8c0@zeomega.org> Message-ID: <653BF81E-436C-11D7-9B94-0003939EFEBC@zope.com> what you are saying does not make any sense to me. if you instantiate a LDAPUserFolder then it will be used for authentication purposes in that place of your directory structure and "downward". this is not the right mailing list to discuss zope issues. this mailing list is for the python-ldap module only. jens On Tuesday, Feb 18, 2003, at 04:26 US/Eastern, Rakesh Naidu wrote: > hello jens, > i was able to import the ldap client(LDAPUserFolder) in to zope > managament > iinterface...and now i have set the server name etc to the proper > values.... > now, the user that owns zope needs to be authernticated with ldap to > the > required directory....how to bind the user to the particular > directory...so > that authentication happens from zope, using the client > ldapuserfolder..... > > please let me know if you need any more details in specific.... > > regards, > rakesh.... > > > ----- Original Message ----- > From: "Jens Vagelpohl" > To: "python-ldap" > Sent: Tuesday, December 17, 2002 6:59 PM > Subject: Re: error installing ldapmodule1.8 > > > well thank you michael ;) > > > On Tuesday, Dec 17, 2002, at 06:22 US/Eastern, Michael Str?der wrote: > >> Rakesh Naidu wrote: >>> michael...can u throw some light on this error..... >>> 2002-12-17T10:50:45 ERROR(200) Zope Could not import >>> Products.LDAPUserFolder >>> Traceback (innermost last): >>> [..] >>> ImportError: No module named ldap >> >> This was recently discussed here. I've attached a posting by Jens >> before he has to repeat it. >> >> Furthermore you can search the mailing list archive for 'Zope'. >> >> Ciao, Michael >> >> -------- Original Message -------- >> Subject: Re: Problems importing ldap in Zope >> Date: Fri, 29 Nov 2002 20:12:57 -0500 >> From: Jens Vagelpohl >> To: Jorge Loureiro Dias >> CC: python-ldap-dev at lists.sourceforge.net >> >> this problem has nothing to do with zope. the ldap module zope is >> trying to import is messed up. the one zope is trying to import is >> most >> likely not the same one that gets imported if you run python itself >> from the command line. >> >> you need to locate the exact python binary zope uses and rebuild the >> python-ldap module with that binary. >> >> jens >> >> >> >> From tesno2 at hotmail.com Mon Mar 3 23:53:26 2003 From: tesno2 at hotmail.com (Jerry Lee) Date: Mon, 03 Mar 2003 22:53:26 +0000 Subject: Blocking bind.... Message-ID: Hello again, I recently posted to the list about a problem I am having with bind blocking for a long time before it times out if the server isn't there. Mario Cicognini (thx Mario!!) was kind enough to suggest the following: l = ldap.open(LDAPServer) id = l.simple_bind(LDAPbindUsername, LDAPbindPassword) status,res = l.result(id, 1, 60) if status != 'RES_BIND': return -1 which I tried with no success. My app blocks at the id = l.simple_bind(LDAPbindUsername, LDAPbindPassword) line and doesn't return until around 90secs later. I have to kill it otherwise. Is my supposedly async bind a sync bind?? (I tried bind_s with exactly the same results) If so, how can I change the timeout so it doesn't wait 90secs? Where is the async bind hiding or does it exist?? Am I missing something?? I'm running Linux Mandrake 9.0, openldap 2.0.25 and lib2-devel (Mandrake separate the libs from the openldap server and clients). I downloaded python-ldap 2.0.0pre06 and compiled it and things work OK - except for this ;-) Thanks, Jerry. From michael at stroeder.com Tue Mar 4 17:31:23 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Tue, 04 Mar 2003 17:31:23 +0100 Subject: Blocking bind.... In-Reply-To: References: Message-ID: <3E64D4DB.709@stroeder.com> Jerry Lee wrote: > > I recently posted to the list about a problem I am having with bind > blocking for a long time before it times out if the server isn't there. You can elaborate on "the server isn't there"? > Mario Cicognini (thx Mario!!) was kind enough to suggest the following: > > l = ldap.open(LDAPServer) > id = l.simple_bind(LDAPbindUsername, LDAPbindPassword) > status,res = l.result(id, 1, 60) > if status != 'RES_BIND': > return -1 > > which I tried with no success. First note that the connection timeout part is done within OpenLDAP libs. It might be worth testing with newer OpenLDAP lib version 2.1.x. There's nothing more you can do at Python level. > My app blocks at the > id = l.simple_bind(LDAPbindUsername, LDAPbindPassword) > line and doesn't return until around 90secs later. Note that opening the connection is deferred until attempting first the LDAP operation. The ldap_initialize() function of OpenLDAP libs just returns a LDAP connection struct without actually connecting to the server. I guess your simple bind is the first LDAP operation. Ciao, Michael. From tesno2 at hotmail.com Tue Mar 4 19:09:35 2003 From: tesno2 at hotmail.com (Jerry Lee) Date: Tue, 04 Mar 2003 18:09:35 +0000 Subject: Blocking bind.... Message-ID: Hi Michael, Thanks for the response. >From: Michael Str?der >To: Jerry Lee >CC: python-ldap-dev at lists.sourceforge.net >Subject: Re: Blocking bind.... >Date: Tue, 04 Mar 2003 17:31:23 +0100 > >Jerry Lee wrote: >> >>I recently posted to the list about a problem I am having with bind >>blocking for a long time before it times out if the server isn't there. > >You can elaborate on "the server isn't there"? > The machine doesn't exist - an ip address that I can't ping. I'm writing a QT-based LDAP browser and I want to make it user friendly. Give the user an option of cancelling a request if they typed the wrong IP address (for example) > >>Mario Cicognini (thx Mario!!) was kind enough to suggest the following: >> >> l = ldap.open(LDAPServer) >> id = l.simple_bind(LDAPbindUsername, LDAPbindPassword) >> status,res = l.result(id, 1, 60) >> if status != 'RES_BIND': >> return -1 >> >>which I tried with no success. > >First note that the connection timeout part is done within OpenLDAP libs. >It might be worth testing with newer OpenLDAP lib version 2.1.x. There's >nothing more you can do at Python level. > How do I set the TIMEOUT values with set_option. Could you give me an example of how to set OPT_TIMEOUT and OPT_NETWORK_TIMEOUT to 10 secs?? I had thought from reading the python-ldap docs that simple_bind was an asynchronous operation - that control would be returned to my program immediately after issuing the request. However, on my machine, it blocks - and then times out after around 90secs. Kind of annoying. Is the synchronous/asynchronous nature of the call controlled in the python-ldap module or is it a function of the OpenLDAP libs?? >>My app blocks at the >>id = l.simple_bind(LDAPbindUsername, LDAPbindPassword) >>line and doesn't return until around 90secs later. > >Note that opening the connection is deferred until attempting first the >LDAP operation. The ldap_initialize() function of OpenLDAP libs just >returns a LDAP connection struct without actually connecting to the server. >I guess your simple bind is the first LDAP operation. > >Ciao, Michael. Yes, this seems to be OK. I get program control back immediately after the ldap_open (ldap_initialie worked the same way). Thanks for the response and many thanks for the work you've done on python-ldap. You've helped make developing the app a much simpler task and even kind of fun!! Yours, Jerry. From michael at stroeder.com Tue Mar 4 19:30:08 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Tue, 04 Mar 2003 19:30:08 +0100 Subject: Blocking bind.... In-Reply-To: References: Message-ID: <3E64F0B0.3000505@stroeder.com> Jerry Lee wrote: > Michael Str?der wrote: >> Jerry Lee wrote: >>> >>> I recently posted to the list about a problem I am having with bind >>> blocking for a long time before it times out if the server isn't there. >> >> You can elaborate on "the server isn't there"? > > The machine doesn't exist - an ip address that I can't ping. I think it depends whether and which ICMP response your LDAP client receives in this case. > How do I set the TIMEOUT values with set_option. > Could you give me an example of how to set OPT_TIMEOUT and > OPT_NETWORK_TIMEOUT to 10 secs?? >>> l.set_option(ldap.OPT_TIMELIMIT,60.0) >>> l.get_option(ldap.OPT_TIMELIMIT) 60 > Is the synchronous/asynchronous nature of the call controlled in the > python-ldap module or is it a function of the OpenLDAP libs?? It's controlled in the OpenLDAP libs. Updating OpenLDAP could be a good idea. My attempt to implement a result() method which controls the timeout was a CPU hog. Ciao, Michael. From tesno2 at hotmail.com Tue Mar 4 21:16:14 2003 From: tesno2 at hotmail.com (Jerry Lee) Date: Tue, 04 Mar 2003 20:16:14 +0000 Subject: Blocking bind.... Message-ID: Hi Michael, >From: Michael Str?der >To: Jerry Lee >CC: python-ldap-dev at lists.sourceforge.net >Subject: Re: Blocking bind.... >Date: Tue, 04 Mar 2003 19:30:08 +0100 > >Jerry Lee wrote: >>Michael Str?der wrote: >>>Jerry Lee wrote: >>>> >>>>I recently posted to the list about a problem I am having with bind >>>>blocking for a long time before it times out if the server isn't there. >>> >>>You can elaborate on "the server isn't there"? >> >>The machine doesn't exist - an ip address that I can't ping. > >I think it depends whether and which ICMP response your LDAP client >receives in this case. > >>How do I set the TIMEOUT values with set_option. >>Could you give me an example of how to set OPT_TIMEOUT and >>OPT_NETWORK_TIMEOUT to 10 secs?? > > >>> l.set_option(ldap.OPT_TIMELIMIT,60.0) > >>> l.get_option(ldap.OPT_TIMELIMIT) >60 > No joy. The option got set OK but it still doesn't timeout after the TIMELIMIT I specify. >>Is the synchronous/asynchronous nature of the call controlled in the >>python-ldap module or is it a function of the OpenLDAP libs?? > >It's controlled in the OpenLDAP libs. Updating OpenLDAP could be a good >idea. > >My attempt to implement a result() method which controls the timeout was a >CPU hog. > >Ciao, Michael. I'm going to update my OpenLDAP later this week. I'll keep you posted on the results. Thanks for all your help, Jerry. From rayapaneniv at yahoo.com Sun Mar 9 07:07:06 2003 From: rayapaneniv at yahoo.com (Venkateswara Rayapaneni) Date: Sat, 8 Mar 2003 22:07:06 -0800 (PST) Subject: need some help Message-ID: <20030309060706.9753.qmail@web40402.mail.yahoo.com> Hi I am on Solaris9, Sunone Directory server 5.1sp2. I have zope2.6.1 and python2.2.2. When I try to build python-ldap2.0.0pre6 I have all kinds of problems. Does it work on the above config ? The first error for me is: Traceback (most recent call last): File "setup.cfg", line 2, in ? [_ldap] NameError: name '_ldap' is not defined Any help is appreciated thanks rv From jlittle at open-it.org Sun Mar 9 07:38:23 2003 From: jlittle at open-it.org (Joe Little) Date: Sat, 8 Mar 2003 22:38:23 -0800 Subject: need some help In-Reply-To: <20030309060706.9753.qmail@web40402.mail.yahoo.com> Message-ID: The directory server itself doesn't matter, but Python LDAP requires OpenLDAP libraries to build against, and is not presently designed to built against the Solaris 9 provided versions of those libraries. You'll need to build OpenLDAP, use those libraries, and make sure the LD_LIBRARY_PATH points to said libraries when using python-ldap to make it work. On Saturday, March 8, 2003, at 10:07 PM, Venkateswara Rayapaneni wrote: > Hi > I am on Solaris9, Sunone Directory server 5.1sp2. > I have zope2.6.1 and python2.2.2. When I try to build > python-ldap2.0.0pre6 I have all kinds of problems. > Does it work on the above config ? The first error for > me is: > Traceback (most recent call last): > File "setup.cfg", line 2, in ? > [_ldap] > NameError: name '_ldap' is not defined > > Any help is appreciated > thanks > rv > > From michael at stroeder.com Sun Mar 9 16:22:28 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Sun, 09 Mar 2003 16:22:28 +0100 Subject: need some help In-Reply-To: <20030309060706.9753.qmail@web40402.mail.yahoo.com> References: <20030309060706.9753.qmail@web40402.mail.yahoo.com> Message-ID: <3E6B5C34.30807@stroeder.com> Venkateswara Rayapaneni wrote: > I am on Solaris9, Sunone Directory server 5.1sp2. > I have zope2.6.1 and python2.2.2. As Joe already pointed out you need the OpenLDAP client libs. > The first error for > me is: > Traceback (most recent call last): > File "setup.cfg", line 2, in ? > [_ldap] > NameError: name '_ldap' is not defined To me it seems you invoked setup.cfg instead setup.py. setup.cfg is the config file for the build/installation script setup.py. After installing OpenLDAP libs and tweaking setup.cfg use $ python setup.py build ^^^ Ciao, Michael. From rnaidu at zeomega.com Mon Mar 10 08:23:46 2003 From: rnaidu at zeomega.com (Rakesh Naidu) Date: Mon, 10 Mar 2003 12:53:46 +0530 Subject: need some help References: <20030309060706.9753.qmail@web40402.mail.yahoo.com> Message-ID: <3E6C3D82.1070203@zeomega.com> hi, i think u need to build python-ldap2.0.0pre6 , perfectly, other wise definitly this problem will persisit. rakesh. www.zeomega.com Venkateswara Rayapaneni wrote: >Hi >I am on Solaris9, Sunone Directory server 5.1sp2. >I have zope2.6.1 and python2.2.2. When I try to build >python-ldap2.0.0pre6 I have all kinds of problems. >Does it work on the above config ? The first error for >me is: >Traceback (most recent call last): > File "setup.cfg", line 2, in ? > [_ldap] >NameError: name '_ldap' is not defined > >Any help is appreciated >thanks >rv > > From michael at stroeder.com Wed Mar 12 14:14:29 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Wed, 12 Mar 2003 14:14:29 +0100 Subject: ldap.pyd license In-Reply-To: <3E6F2035.1030107@groupbc.com> References: <3E6F2035.1030107@groupbc.com> Message-ID: <3E6F32B5.5000900@stroeder.com> Paul Robinson wrote: > > I'm looking for information with regard to the license under which the > Python ldap module can be used and distributed in a commercial > environment. In all the downloads I can find and through all the web > pages available on SourceForge there is no explicit licensing info. > > I only have the "License: Public Domain" statement from the project > homepage on sourceforge to go on. Is there any more info I could feed to > a hungry lawyer? ;-) I try to give an answer. We had this discussion on the python-ldap-dev mailing list (see list archive). While it seemed that there was general consensus that we might prefer the unprecise term "Python Style License" there was no real action taken. Mainly the intention behind saying "Python Style License" is that you can do everything with python-ldap what you're allowed to do with e.g. Python 2.2.x. Not sure if that satisfies your lawyer though. Ciao, Michael. From chris-public at math.uu.se Mon Mar 10 13:40:57 2003 From: chris-public at math.uu.se (Christian Nygaard) Date: Mon, 10 Mar 2003 13:40:57 +0100 (CET) Subject: add_s & posixAccount Message-ID: Hi how do I add account posixAccount info with the add_s operation? //Christian From michael at stroeder.com Wed Mar 12 23:00:24 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Wed, 12 Mar 2003 23:00:24 +0100 Subject: add_s & posixAccount In-Reply-To: References: Message-ID: <3E6FADF8.8080806@stroeder.com> Christian Nygaard wrote: > > Hi how do I add account posixAccount info with the add_s operation? Just like any other entry (see Demo/simple.py) and the right data for posixAccount. Ciao, Michael. From michael at stroeder.com Wed Mar 12 23:00:24 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Wed, 12 Mar 2003 23:00:24 +0100 Subject: add_s & posixAccount In-Reply-To: References: Message-ID: <3E6FADF8.8080806@stroeder.com> Christian Nygaard wrote: > > Hi how do I add account posixAccount info with the add_s operation? Just like any other entry (see Demo/simple.py) and the right data for posixAccount. Ciao, Michael. From michael at stroeder.com Sat Mar 22 14:38:29 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Sat, 22 Mar 2003 14:38:29 +0100 Subject: ldap.schema.models bugs? In-Reply-To: References: Message-ID: <3E7C6755.8070905@stroeder.com> Jerry, good catches. Your fixes are committed into CVS. Thanks for taking the time to report the bugs. And glad to see that someone is using ldap.schema... I couldn't get hold of a sub schema sub entry with nameForms, matchingRuleUse and so on. Therefore I'd appreciate to receive test data as LDIF. Ideally if you know a public LDAP server with those attributes set please let me know. Ciao, Michael. Jerry Lee wrote: > > I've been using your schema code and I came across the following in > models.py > > line 337: > > schema_attribute = 'matchingRuleUses' > > should read > > schema_attribute = 'matchingRuleUse' > > and > > line 352: > > assert type(self.obsolete)==type(0) and (type(self.obsolete)==0 or > type(self.obsolete)==1) > > should read > > assert type(self.obsolete)==type(0) and (self.obsolete==0 or > self.obsolete==1) > > > I'm not too sure on the second one - I don't really understand it. > However I was getting errors before the change and so I just copied the > line from the _set_attrs section of MatchinRule and I don't get errors > anymore. > > Thanks for your efforts! > > Jerry. From stuart.b at commonground.com.au Sun Mar 23 11:44:50 2003 From: stuart.b at commonground.com.au (Stuart Bishop) Date: Sun, 23 Mar 2003 21:44:50 +1100 Subject: SASL response is not a SASL BindRequest Message-ID: <7917C220-5D1C-11D7-9346-000393B63DDC@commonground.com.au> Hi. I'm getting stuck with SASL authentication - I believe my code is correct so I'd like to get an opinion on if the bug lies with my code, python-ldap pre6 or CommuniGate Pro (the LDAP server). I can bind using bind_simple_s. My code: import ldap import ldap.sasl login_dn = 'uid=zen,cn=commongroundpublishing.com,o=Common Ground' password = 'secret' l = ldap.open('localhost') auth = ldap.sasl.digest_md5(login_dn,password) l.sasl_bind_s('',auth) l.unbind() The result: SASL/DIGEST-MD5 authentication started Traceback (most recent call last): File "t.py", line 9, in ? l.sasl_bind_s('',auth) File "/usr/local/lib/python2.1/site-packages/ldap/ldapobject.py", line 162, in sasl_bind_s return self._ldap_call(self._l.sasl_bind_s,who,auth) File "/usr/local/lib/python2.1/site-packages/ldap/ldapobject.py", line 94, in _ldap_call result = apply(func,args,kwargs) ldap.LOCAL_ERROR: {'desc': 'Local error', 'info': ''} Server log: 20:55:14.83 5 LDAP connection request from [127.0.0.1], socket=27 20:55:14.83 4 LDAP-00540([127.0.0.1]) got connection on [127.0.0.1], port 389 20:55:14.83 5 LDAP-00540([127.0.0.1]) input request(27): 02 01 01 60 16 02 01 03 04 03 7A 65 6E A3 0C 04 0A 44 49 47 45 53 54 2D 4D 44 35 20:55:14.83 5 LDAP-00540([127.0.0.1]) out: 30 5D 02 01 01 61 58 0A 01 0E 04 00 04 00 04 4F 6E 6F 6E 63 65 3D 22 35 34 30 61 31 30 34 38 34 31 33 33 31 34 61 63 6F 6D 6D 6F 6E 67 72 6F 75 6E 64 70 75 20:55:14.83 5 LDAP-00540([127.0.0.1]) input request(5): 02 01 02 42 00 20:55:14.83 1 LDAP-00540([127.0.0.1]) SASL response is not a SASL BindRequest 20:55:14.83 1 LDAP-00540([127.0.0.1]) BIND failed: SASL protocol has been interrupted 20:55:14.83 5 LDAP-00540([127.0.0.1]) out: 30 2E 02 01 01 61 29 0A 01 31 04 00 04 22 53 41 53 4C 20 70 72 6F 74 6F 63 6F 6C 20 68 61 73 20 62 65 65 6E 20 69 6E 74 65 72 72 75 70 74 65 64 20:55:14.83 3 LDAP-00540([127.0.0.1]) read failed. Error Code=connection closed by peer 20:55:14.83 4 LDAP-00540([127.0.0.1]) closing connection 20:55:14.83 4 LDAP-00540([127.0.0.1]) releasing stream -- Stuart Bishop From michael at stroeder.com Sun Mar 23 14:50:09 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Sun, 23 Mar 2003 14:50:09 +0100 Subject: SASL response is not a SASL BindRequest In-Reply-To: <7917C220-5D1C-11D7-9346-000393B63DDC@commonground.com.au> References: <7917C220-5D1C-11D7-9346-000393B63DDC@commonground.com.au> Message-ID: <3E7DBB91.2050604@stroeder.com> Stuart Bishop wrote: > > I'm getting stuck with SASL authentication - I believe my code is > correct so > I'd like to get an opinion on if the bug lies with my code, python-ldap > pre6 > or CommuniGate Pro (the LDAP server). I can bind using bind_simple_s. Are you sure that CommuniGate Pro is an LDAPv3 server and supports SASL bind? Can you please check the rootDSE for attributes supportedSASLMechanisms. > login_dn = 'uid=zen,cn=commongroundpublishing.com,o=Common Ground' > password = 'secret' > > l = ldap.open('localhost') > auth = ldap.sasl.digest_md5(login_dn,password) Note that a SASL user name is normally something like uid at realm. Ciao, Michael. From jens at zope.com Sun Mar 23 18:37:11 2003 From: jens at zope.com (Jens Vagelpohl) Date: Sun, 23 Mar 2003 12:37:11 -0500 Subject: SASL response is not a SASL BindRequest In-Reply-To: <3E7DBB91.2050604@stroeder.com> Message-ID: <1405396E-5D56-11D7-B581-0003939EFEBC@zope.com> i think the last time i checked CommuniGate did not have a complete LDAP server implementation. this might have changed, but when we tried to use the communigate LDAP server internally for LDAP purposes we quickly came against limitations and decided to use OpenLDAP instead. jens On Sunday, Mar 23, 2003, at 08:50 US/Eastern, Michael Str?der wrote: > Stuart Bishop wrote: > > > > I'm getting stuck with SASL authentication - I believe my code is > > correct so > > I'd like to get an opinion on if the bug lies with my code, > python-ldap > > pre6 > > or CommuniGate Pro (the LDAP server). I can bind using bind_simple_s. > > Are you sure that CommuniGate Pro is an LDAPv3 server and supports > SASL bind? Can you please check the rootDSE for attributes > supportedSASLMechanisms. > > > login_dn = 'uid=zen,cn=commongroundpublishing.com,o=Common > Ground' > > password = 'secret' > > > > l = ldap.open('localhost') > > auth = ldap.sasl.digest_md5(login_dn,password) > > Note that a SASL user name is normally something like uid at realm. > > Ciao, Michael. > From ludo at asiatica.org Sun Mar 23 20:13:16 2003 From: ludo at asiatica.org (Ludovico Magnocavallo) Date: Sun, 23 Mar 2003 20:13:16 +0100 Subject: Feature Requests item #707547 (ldap_count_entries) Message-ID: <004101c2f170$421ec860$130aa8c0@pippozzo> As suggested by Michael Str?der, I am expanding a bit on my RFE for adding ldap_count_entries support. I am working for a large Italian bank (don't look at my email, I'm posting from my personal address from home), and we have all our organizational units (a few thousands) and employees (around 60k) on a few OpenLDAP servers. We have the need to extract data from OpenLDAP and manipulate it to create sets of xml files representing a hierarchical view of our organization. We are currently doing this with a set of C programs developed in house, but due to the number of rules we have to apply and the rate at which they change I'm trying to switch the processing from C to Python (the fact that I love Python and the other people working on this project do not is important too, I'm trying to convince them to learn it =)). I'm stuck at trying to generate employee count for each ou, and here's where I got to asking to add support for ldap_count_entries. Retrieving employees for every ou takes too long, I only need a count. Our current C programs use ldap_count_entries. My current options are staying with C, or using PHP which imho is a very poor choice compared to Python. Unfortunately I don't know C/C++ enough to help, and as I said the other developers don't consider Python a choice and won't help (yes, I tried asking.....). Thanks for any help Ludovico Magnocavallo From michael at stroeder.com Sun Mar 23 20:42:32 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Sun, 23 Mar 2003 20:42:32 +0100 Subject: Feature Requests item #707547 (ldap_count_entries) In-Reply-To: <004101c2f170$421ec860$130aa8c0@pippozzo> References: <004101c2f170$421ec860$130aa8c0@pippozzo> Message-ID: <3E7E0E28.6090801@stroeder.com> Ludovico, 1. as I said on this list many times C programmers are needed for python-ldap to extend the C extension stuff under Modules/. Are you willing to contribute? 2. If you are willing to contribute to python-ldap please bring your local CVS tree in sync. Ludovico Magnocavallo wrote: > > I'm stuck at trying to generate employee count for each ou, and here's where > I got to asking to add support for ldap_count_entries. From the examples I saw OpenLDAP's ldap_count_entries() is typically used right before ldap_first_entry(). Is that right? Does ldap_count_entries() consume anything from the results returned? Unfortunately the call of ldap_first_entry() in python-ldap is hidden in LDAPmessage_to_python() (see Modules/message.c) which in turn is called by the already overloaded l_ldap_result() (see Modules/LDAPObject.c). Changing anything here would result in a incompatible API change. Now if ldap_count_entries() does not consume anything from the results returned we could try to implement a solution for the following (fictious) Python code using async search: # Start async search, save message ID returned by OpenLDAP API msgid = l.search(...) # Get number of entries in search result entry_count = l.count_entries(msgid) # Get number of search continuations in search result ref_count = l.count_references(msgid) # Get the search results res = l.result(msgid) Does that look sensible to you? > Unfortunately I don't know C/C++ enough to help, Welcome to the club... :-( Ciao, Michael. From michael at stroeder.com Sun Mar 23 20:57:55 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Sun, 23 Mar 2003 20:57:55 +0100 Subject: Feature Requests item #707547 (ldap_count_entries) In-Reply-To: <3E7E0E28.6090801@stroeder.com> References: <004101c2f170$421ec860$130aa8c0@pippozzo> <3E7E0E28.6090801@stroeder.com> Message-ID: <3E7E11C3.9090600@stroeder.com> Michael Str?der wrote: > > From the examples I saw OpenLDAP's ldap_count_entries() is typically > used right before ldap_first_entry(). Is that right? Does > ldap_count_entries() consume anything from the results returned? > > Unfortunately the call of ldap_first_entry() in python-ldap is hidden in > LDAPmessage_to_python() (see Modules/message.c) which in turn is called > by the already overloaded l_ldap_result() (see Modules/LDAPObject.c). > Changing anything here would result in a incompatible API change. To rephrase my answer: Unfortunately ldap_count_entries() has to be called *after* ldap_result() and *before* ldap_first_entry(). > Now if ldap_count_entries() does not consume anything from the results > returned we could try to implement a solution for the following > (fictious) Python code using async search: Forget about that. Ciao, Michael. From michael at stroeder.com Mon Mar 24 02:45:44 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Mon, 24 Mar 2003 02:45:44 +0100 Subject: Feature Requests item #707547 (ldap_count_entries) In-Reply-To: <004101c2f170$421ec860$130aa8c0@pippozzo> References: <004101c2f170$421ec860$130aa8c0@pippozzo> Message-ID: <3E7E6348.9070106@stroeder.com> Ludovico Magnocavallo wrote: > > I'm stuck at trying to generate employee count for each ou, and here's where > I got to asking to add support for ldap_count_entries. Retrieving employees > for every ou takes too long, I only need a count. Our current C programs use > ldap_count_entries. After looking into RFC 2251, man-page of ldap_count_entries and draft-ietf-ldapext-ldap-c-api I have some doubts that ldap_count_entries() can count *all* results of search without actually receiving *all* the results. I'd really like to see some snippets of your C code. Especially the parameters you pass to ldap_result(). Ciao, Michael. From stuart.b at commonground.com.au Mon Mar 24 01:00:07 2003 From: stuart.b at commonground.com.au (Stuart Bishop) Date: Mon, 24 Mar 2003 11:00:07 +1100 Subject: SASL response is not a SASL BindRequest In-Reply-To: <3E7DBB91.2050604@stroeder.com> Message-ID: <930E7553-5D8B-11D7-9346-000393B63DDC@commonground.com.au> On Monday, March 24, 2003, at 12:50 AM, Michael Str?der wrote: > Stuart Bishop wrote: > > > > I'm getting stuck with SASL authentication - I believe my code is > > correct so > > I'd like to get an opinion on if the bug lies with my code, > python-ldap > > pre6 > > or CommuniGate Pro (the LDAP server). I can bind using bind_simple_s. > > Are you sure that CommuniGate Pro is an LDAPv3 server and supports > SASL bind? Can you please check the rootDSE for attributes > supportedSASLMechanisms. The root advertises digest-md5, cram-md5 and ntlm in supportedSASLMechanisms. supportedLDAPversion is [2,3] > > > login_dn = 'uid=zen,cn=commongroundpublishing.com,o=Common > Ground' > > password = 'secret' > > > > l = ldap.open('localhost') > > auth = ldap.sasl.digest_md5(login_dn,password) > > Note that a SASL user name is normally something like uid at realm. I've tried changing that and am still getting the same error from both the client and the server logs. I'm also getting similar problems using ldapsearch from openldap, so it looks like a problem with openldap, cyrus-sasl or communigate and not a python-ldap issue. I suspect CommuniGate Pro, as I've tried installs of openldap on two difference platforms now so I'll take it to their forum. -- Stuart Bishop From michael at stroeder.com Sun Mar 30 17:54:12 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Sun, 30 Mar 2003 17:54:12 +0200 Subject: MatchingRuleUse In-Reply-To: References: Message-ID: <3E871324.7000702@stroeder.com> Jerry Lee wrote: > > I've been working with ldap.schema.models and came across a problem with > MatchingRuleUse. > > suppose that: > > attrClass = MatchingRuleUse > oids = self.schema.listall(attrClass) > > for oid in oids : > object = self.schema.get_obj(attrClass, oid) > if not isinstance(object, attrClass): > print "Ooopsie!!!!!!!!!!!!!!!!!!!!!!!!!" > print attrClass.schema_attribute + ' *** ' + > object.schema_attribute > > > What happens is I hit the 'if' for every OID. > > That is, the call to get_obj returns an object of class MatchingRule > instead of MatchingRuleUse. Please test(!) ldap.schema from CVS since I reworked it today to maintain separate dictionaries for each schema element class. Ciao, Michael. From michael at stroeder.com Sun Mar 30 17:54:12 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Sun, 30 Mar 2003 17:54:12 +0200 Subject: MatchingRuleUse In-Reply-To: References: Message-ID: <3E871324.7000702@stroeder.com> Jerry Lee wrote: > > I've been working with ldap.schema.models and came across a problem with > MatchingRuleUse. > > suppose that: > > attrClass = MatchingRuleUse > oids = self.schema.listall(attrClass) > > for oid in oids : > object = self.schema.get_obj(attrClass, oid) > if not isinstance(object, attrClass): > print "Ooopsie!!!!!!!!!!!!!!!!!!!!!!!!!" > print attrClass.schema_attribute + ' *** ' + > object.schema_attribute > > > What happens is I hit the 'if' for every OID. > > That is, the call to get_obj returns an object of class MatchingRule > instead of MatchingRuleUse. Please test(!) ldap.schema from CVS since I reworked it today to maintain separate dictionaries for each schema element class. Ciao, Michael.