oss/Radicale
oss/Radicale
1
0
Fork 0
mirror of https://github.com/Kozea/Radicale.git synced 2025-09-30 21:12:05 +00:00
Code Wiki Activity

LDAP auth: get rid of helper property '_use_encryption'

Browse source 
Inferring 'ldap_security' in earlier commits, allows us to get rid of
the helper property '_use_encryption', streamlining the code.
This commit is contained in:
Peter Marschall 2025-09-14 12:22:18 +02:00
parent b21549b998
commit f8b15eb122
1 changed files with 2 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

6
radicale/auth/ldap.py
View file

@ -67,7 +67,6 @@ class Auth(auth.BaseAuth):
_ldap_group_filter: str _ldap_group_filter: str
_ldap_group_members_attr: str _ldap_group_members_attr: str
_ldap_module_version: int = 3 _ldap_module_version: int = 3
_use_encryption: bool = False
_ldap_security: str = "none" _ldap_security: str = "none"
_ldap_ssl_verify_mode: int = ssl.CERT_REQUIRED _ldap_ssl_verify_mode: int = ssl.CERT_REQUIRED
_ldap_ssl_ca_file: str = "" _ldap_ssl_ca_file: str = ""
@ -103,7 +102,6 @@ class Auth(auth.BaseAuth):
self._ldap_secret = file.read().rstrip('\n') self._ldap_secret = file.read().rstrip('\n')
self._ldap_security = configuration.get("auth", "ldap_security") self._ldap_security = configuration.get("auth", "ldap_security")
ldap_use_ssl = configuration.get("auth", "ldap_use_ssl") ldap_use_ssl = configuration.get("auth", "ldap_use_ssl")
self._use_encryption = ldap_use_ssl or self._ldap_security in ("tls", "starttls")
if ldap_use_ssl: if ldap_use_ssl:
logger.warning("Configuration uses deprecated 'ldap_use_ssl': use 'ldap_security' ('none', 'tls', 'starttls') instead.") logger.warning("Configuration uses deprecated 'ldap_use_ssl': use 'ldap_security' ('none', 'tls', 'starttls') instead.")
if self._ldap_security == "starttls": if self._ldap_security == "starttls":
@ -165,7 +163,7 @@ class Auth(auth.BaseAuth):
raise RuntimeError("LDAP authentication requires ldap_secret for ldap_reader_dn") raise RuntimeError("LDAP authentication requires ldap_secret for ldap_reader_dn")
logger.info("auth.ldap_use_ssl : %s" % ldap_use_ssl) logger.info("auth.ldap_use_ssl : %s" % ldap_use_ssl)
logger.info("auth.ldap_security : %s" % self._ldap_security) logger.info("auth.ldap_security : %s" % self._ldap_security)
if self._use_encryption: if self._ldap_security in ("tls", "starttls"):
logger.info("auth.ldap_ssl_verify_mode : %s" % self._ldap_ssl_verify_mode) logger.info("auth.ldap_ssl_verify_mode : %s" % self._ldap_ssl_verify_mode)
if self._ldap_ssl_ca_file: if self._ldap_ssl_ca_file:
logger.info("auth.ldap_ssl_ca_file : %r" % self._ldap_ssl_ca_file) logger.info("auth.ldap_ssl_ca_file : %r" % self._ldap_ssl_ca_file)
@ -272,7 +270,7 @@ class Auth(auth.BaseAuth):
"""Connect the server""" """Connect the server"""
try: try:
logger.debug(f"_login3 {self._ldap_uri}, {self._ldap_reader_dn}") logger.debug(f"_login3 {self._ldap_uri}, {self._ldap_reader_dn}")
if self._use_encryption: if self._ldap_security in ("tls", "starttls"):
logger.debug("_login3 using encryption (reader)") logger.debug("_login3 using encryption (reader)")
tls = self.ldap3.Tls(validate=self._ldap_ssl_verify_mode) tls = self.ldap3.Tls(validate=self._ldap_ssl_verify_mode)
if self._ldap_ssl_ca_file != "": if self._ldap_ssl_ca_file != "":