[python-ldap] connect via a socket object

Michael Ströder michael at stroeder.com
Mon May 30 19:23:20 CEST 2011


Salman Aljammaz wrote:
> 2011/5/29 Michael Ströder<michael at stroeder.com>:
>> Not yet. One could wrap OpenLDAP's function ldap_init_fd() for that purpose.
>> Feel free to submit a patch. But not sure whether ldap_init_fd() is already
>> present in the OpenLDAP libs you're using.
>
> thanks, i'll have a look at that.  i'm not sure i have the time to
> promise anything now but i'll send a patch if i ever get around to it
> :-)
>
>> Maybe I don't get the point. Normally VPNs are invisible to LDAP connections
>> since they route IP packets. What's so special with your VPN?
>
> heh, maybe vpn wasn't the correct word here.  it's behind a firewall,
> and i'm currently just setting up a (transparent) vpn connection.  but
> that's a privileged operation and is not an option where this
> application will eventually be deployed.

Could you please be more clear how you want to pass your firewall?
SOCKS?
HTTP with CONNECT method?

You probably have to clarify this with your security department.

> the alternative would be to set up an ssh tunnel.  i was thinking of
> using paramiko and passing its connection to python-ldap.  the uglier
> approach is to run /bin/ssh with port forwarding (-L) whenever the
> connection is needed, which seems to be what i'll be doing :-)

Using SSH tunneling (poor man's VPN) is a "privileged operation" too.

Ciao, Michael.

