Skip to content

Remove workaround for OpenLDAP NSS issue #112

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Dec 7, 2017
Merged

Remove workaround for OpenLDAP NSS issue #112

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 23 additions & 0 deletions Doc/installing.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -132,6 +132,29 @@ on the local system when building python-ldap:
.. _Cyrus SASL: https://www.cyrusimap.org/sasl/


Debian
------

Packages for building and testing::

apt-get install build-essential python3-dev python2.7-dev libldap2-dev \
libsasl2-dev slapd ldap-utils python-tox valgrind


Fedora
------

Packages for building and testing::

dnf install "@C Development Tools and Libraries" openldap-devel \
python2-devel python3-devel python3-tox valgrind clang-analyzer

.. note::

``openldap-2.4.45-2`` (Fedora 26), ``openldap-2.4.45-4`` (Fedora 27) or
newer are required.


setup.cfg
=========

Expand Down
10 changes: 1 addition & 9 deletions Lib/slapdtest/_slapdtest.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,21 +76,13 @@ def skip_unless_ci(reason, feature=None):
return identity


def requires_tls(skip_nss=False):
def requires_tls():
"""Decorator for TLS tests

Tests are not skipped on CI (e.g. Travis CI)

:param skip_nss: Skip test when libldap is compiled with NSS as TLS lib
"""
if not ldap.TLS_AVAIL:
return skip_unless_ci("test needs ldap.TLS_AVAIL", feature='TLS')
elif skip_nss and ldap.get_option(ldap.OPT_X_TLS_PACKAGE) == 'MozNSS':
return skip_unless_ci(
"Test doesn't work correctly with Mozilla NSS, see "
"https://bugzilla.redhat.com/show_bug.cgi?id=1519167",
feature="NSS"
)
else:
return identity

Expand Down
8 changes: 4 additions & 4 deletions Tests/t_cext.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -817,7 +817,7 @@ def test_invalid_controls(self):
l.sasl_interactive_bind_s, 'who', 'SASLObject', post=(1,))
self.assertInvalidControls(l.unbind_ext)

@requires_tls(skip_nss=True)
@requires_tls()
def test_tls_ext(self):
l = self._open_conn(bind=False)
# StartTLS needs LDAPv3
Expand All @@ -827,7 +827,7 @@ def test_tls_ext(self):
l.set_option(_ldap.OPT_X_TLS_NEWCTX, 0)
l.start_tls_s()

@requires_tls(skip_nss=False)
@requires_tls()
def test_tls_ext_noca(self):
l = self._open_conn(bind=False)
l.set_option(_ldap.OPT_PROTOCOL_VERSION, _ldap.VERSION3)
Expand All @@ -844,7 +844,7 @@ def test_tls_ext_noca(self):
if not any(s in msg.lower() for s in candidates):
self.fail(msg)

@requires_tls(skip_nss=True)
@requires_tls()
def test_tls_ext_clientcert(self):
l = self._open_conn(bind=False)
l.set_option(_ldap.OPT_PROTOCOL_VERSION, _ldap.VERSION3)
Expand All @@ -855,7 +855,7 @@ def test_tls_ext_clientcert(self):
l.set_option(_ldap.OPT_X_TLS_NEWCTX, 0)
l.start_tls_s()

@requires_tls(skip_nss=False)
@requires_tls()
def test_tls_packages(self):
# libldap has tls_g.c, tls_m.c, and tls_o.c with ldap_int_tls_impl
package = _ldap.get_option(_ldap.OPT_X_TLS_PACKAGE)
Expand Down
2 changes: 1 addition & 1 deletion Tests/t_ldap_sasl.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@ def test_external_ldapi(self):
"dn:{}".format(self.server.root_dn.lower())
)

@requires_tls(skip_nss=True)
@requires_tls()
def test_external_tlscert(self):
ldap_conn = self.ldap_object_class(self.server.ldap_uri)
ldap_conn.set_option(ldap.OPT_X_TLS_CACERTFILE, self.server.cafile)
Expand Down
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy