Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Referral chasing crash #51

Merged
merged 1 commit into from
Jul 14, 2019
Merged

Referral chasing crash #51

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 4 additions & 7 deletions flask_simpleldap/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,6 @@ def init_app(app):
:param flask.Flask app: the application to configure for use with
this :class:`~LDAP`
"""

app.config.setdefault('LDAP_HOST', 'localhost')
app.config.setdefault('LDAP_PORT', 389)
app.config.setdefault('LDAP_SCHEMA', 'ldap')
Expand Down Expand Up @@ -163,7 +162,6 @@ def get_object_details(self, user=None, group=None, dn_only=False):
:param bool dn_only: If we should only retrieve the object's
distinguished name or not. Default: ``False``.
"""

query = None
fields = None
if user is not None:
Expand All @@ -180,7 +178,6 @@ def get_object_details(self, user=None, group=None, dn_only=False):
try:
records = conn.search_s(current_app.config['LDAP_BASE_DN'],
ldap.SCOPE_SUBTREE, query, fields)

conn.unbind_s()
result = {}
if records:
Expand All @@ -194,9 +191,10 @@ def get_object_details(self, user=None, group=None, dn_only=False):
dn = records[0][1][
current_app.config['LDAP_OBJECTS_DN']]
return dn[0]
for k, v in list(records[0][1].items()):
result[k] = v
return result
if type(records[0][1]) == 'dict':
for k, v in list(records[0][1].items()):
result[k] = v
return result
except ldap.LDAPError as e:
raise LDAPException(self.error(e.args))

Expand Down Expand Up @@ -368,7 +366,6 @@ def wrapped(*args, **kwargs):
else:
req_username = request.authorization.username
req_password = request.authorization.password

# Many LDAP servers will grant you anonymous access if you log in
# with an empty password, even if you supply a non-anonymous user
# ID, causing .bind_user() to return True. Therefore, only accept
Expand Down