[python3-ldap] python3-ldap version 0.9.4 is released

python3ldap python3ldap at gmail.com
Wed Jul 2 04:25:29 CEST 2014


Hello everybody,
I've released the 0.9.4 version of python3-ldap. There are two major
implementations in this release: a simple extended operation framework
and the use of the ssl.SSLContext standard library class (from Python
3.4 onward).

There is a new namespace ldap3.extend that contains standard extended
operations. You don't need to access it but you can find all the
defined extended operations in the extend attribute of the connection.
This attribute is quite peculiar: it has a shallow hierarchy of the
extended operations defined in python3-ldap. For now the structure is
the following:
connection.extend.
connection.extend.standard.
connection.extend.standard.who_am_i()
connection.extend.standard.modify_password(user, old_password, new_password)
connection.extend.novell
connection.extend.novell.get_bind_dn()

Just call the extended operation in the usual way, for example:

c = Connection(....)
c.bind()
i_am = c.extend.standard.who_am_i()

The payload of these extended operations is properly encoded and
decoded. When available you should get the response value as the
return value of the function and as an additional field of the result
dictionary.

I will add additional extended operations as the library evolves.


The use of ssl.SSLContext makes TLS operation more flexible. It now
integrates with the system-wide Certification Authorities and also
ensures that there are "reasonable" security defaults when using the TLS
layer. It's now also possible to specify a file system path containing
the CA file or even pass certificate data "on the fly". When defining
the Tls object you have the following parameters available:

ca_cert_file: the usual link to the certification authority chain of
    certificates
ca_cert_path: a link to a path containing the certification
    authorities certificates (rehashed, as expected by OpenSSL)
ca_cert_data: CA certificate data stored in memory

If you leave all these parameters set to None the SSLContext will use the
system-wide certificate store (ssl path on Linux, CA stores on
Windows).

If the SSLContext is not available the library will fall back to the
ssl wrapped socket mechanism.



This is the changelog for 0.9.4:

* 0.9.4 2014.07.02
    - when running in python 3.4 or newer now Tls class uses
      SSLContext object with default secure setting
    - added parameters ca_certs_path, ca_certs_data,
      local_private_key_password to Tls object creation, valid when using
      SSLContext
    - in python 3.4 or newer the system CA certificates configuration
      can be used (just leave ca_cert_file, ca_certs_path and ca_certs_data
      set to None)
    - removed TLSv1 as default for Tls connection
    - upgraded backported ssl function from python 3.4.1 when using
      with python 2
    - when creating a connection server can now be a string, the name
      of the server to connect in cleartext on default port 389
    - fixed bug in escape_bytes
    - attributes parameter in search can be a tuple
    - check_names parameter in connection now defaults to True (so if
      schema info is available attribute and class name will be checked when
      performing LDAP operations)
    - remove the connection.close() method - you must use connection.unbind()
    - new exception LDAPExtensionError for signaling when the
      requestValue of extended operation is of unknown ASN1 type
    - exiting connection manager doesn't raise exception if unbind is
      not successful (needed in long operations)
    - new extended operation: modify_password (RFC3062)
    - new extended operation: who_am_i (RFC4532)
    - new extended operation: get_bind_dn (Novell)
    - updated setuptools to version 5.3


Have fun,
Giovanni
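
Added example, not part of the original message and not python3-ldap's own code: the three CA sources and the system-store fallback described above, written against the standard library's ssl.create_default_context, with a check that a context verifies the server before bind credentials go over it. The names build_context, ca_file, ca_path, ca_data, trust_problems and unverified_context are chosen for this example.

```python
import ssl


def build_context(ca_file=None, ca_path=None, ca_data=None):
    """Build a verifying client context from one of three CA sources.

    Parameter names are chosen for this example. With all three left at
    None, create_default_context() loads the system-wide CA store.
    """
    # cafile: PEM bundle; capath: directory of hashed certs; cadata: in-memory PEM/DER
    return ssl.create_default_context(
        ssl.Purpose.SERVER_AUTH, cafile=ca_file, capath=ca_path, cadata=ca_data
    )


def trust_problems(ctx):
    """Return the reasons a context should not carry LDAP bind credentials."""
    problems = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        problems.append("server certificate is not verified")
    if not ctx.check_hostname:
        problems.append("certificate name is not matched against the host")
    return problems


def unverified_context():
    """Model a wrapped socket created with no cert_reqs: encrypted, unverified."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False  # must be cleared before verify_mode is lowered
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


if __name__ == "__main__":
    import tempfile

    # Constructed input: an empty directory standing in for a CA path.
    with tempfile.TemporaryDirectory() as empty_ca_dir:
        cases = [
            ("system store", build_context()),
            ("explicit ca_path", build_context(ca_path=empty_ca_dir)),
            ("unverified", unverified_context()),
        ]
        for label, ctx in cases:
            print(label, ctx.cert_store_stats(), trust_problems(ctx) or "ok")
```

Passing any explicit CA source replaces the system store instead of adding to it, so a context built from an empty ca_path trusts no authority and every handshake fails closed.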

