Merge pull request #35 from cannatag/dev
Dev
cannatag committed Apr 4, 2015
2 parents 0f6dadc + 6d38997 commit 2235fd7
Showing 32 changed files with 1,954 additions and 77 deletions.
19 changes: 16 additions & 3 deletions README.rst
Expand Up @@ -88,12 +88,25 @@ For information and suggestions you can contact me at cannatag@gmail.com or you
Changelog
---------

* 0.9.8.1 2015.04.04
- Added NTLMv2 authentication method
- extend.standard.who_am_i() now try to decode the authzid as unicode
- tests for AD (Active Directory) now use tls_before_bind when opening a connection
- 0.9.8 not working for pypi problems

* 0.9.7.12 2015.03.18
- Fixed missing optional authzid in digestMD5 sasl mechanism (thanks Damiano)
- Changed unneeded classmethods to staticmethods

* 0.9.7.11 2015.03.12
- Fixed address_info resolution on systems without the IPV4MAPPED flag (thanks Andryi)

* 0.9.7.10 2015.02.28
- Fixed bug in PagedSearch when server has a hard limit on the number of entries returned (thanks Reimar)
- 0.9.7.6 not working for pypi problems
- 0.9.7.7 not working for pypi problems
- 0.9.7.8 not working for pypi problems
- 0.9.7.9 not working for pypi problems
- 0.9.7.8 not working for pypi problems
- 0.9.7.7 not working for pypi problems
- 0.9.7.6 not working for pypi problems

* 0.9.7.5 2015.02.20
- Fixed exception raised when opening a connection to a server. If there is only one candidate address and there is an error it returns the specific Exception, not a generic LDAPException error
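Review bot: In the 0.9.8.1 entry, "Added NTLMv2 authentication method" leaves out the one usage constraint this commit documents in connections.rst, that the username must be given as domain\user; a reader who only sees the README changelog will miss it, so add it to that line. In the same entry, "now try to decode" should read "now tries to decode".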
19 changes: 16 additions & 3 deletions _changelog.txt
@@ -1,9 +1,22 @@
* 0.9.8.1 2015.04.04
- Added NTLMv2 authentication method
- extend.standard.who_am_i() now try to decode the authzid as unicode
- tests for AD (Active Directory) now use tls_before_bind when opening a connection
- 0.9.8 not working for pypi problems

* 0.9.7.12 2015.03.18
- Fixed missing optional authzid in digestMD5 sasl mechanism (thanks Damiano)
- Changed unneeded classmethods to staticmethods

* 0.9.7.11 2015.03.12
- Fixed address_info resolution on systems without the IPV4MAPPED flag (thanks Andryi)

* 0.9.7.10 2015.02.28
- Fixed bug in PagedSearch when server has a hard limit on the number of entries returned (thanks Reimar)
- 0.9.7.6 not working for pypi problems
- 0.9.7.7 not working for pypi problems
- 0.9.7.8 not working for pypi problems
- 0.9.7.9 not working for pypi problems
- 0.9.7.8 not working for pypi problems
- 0.9.7.7 not working for pypi problems
- 0.9.7.6 not working for pypi problems

* 0.9.7.5 2015.02.20
- Fixed exception raised when opening a connection to a server. If there is only one candidate address and there is an error it returns the specific Exception, not a generic LDAPException error
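Review bot: The entries from 0.9.8.1 down to 0.9.7.10 in this file repeat the README.rst changelog word for word, so every release has to be edited in two places and the two copies can drift apart. Keep _changelog.txt as the single source and have README.rst include it or be generated from it at release time.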
2 changes: 1 addition & 1 deletion _version.json
Expand Up @@ -6,6 +6,6 @@
"url": "https://github.com/cannatag/ldap3",
"description": "A strictly RFC 4511 conforming LDAP V3 pure Python client. Same codebase for Python 2, Python3, PyPy and PyPy 3",
"author": "Giovanni Cannata",
"version": "0.9.7.10",
"version": "0.9.8.1",
"license": "LGPL v3"
}
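Review bot: "version" goes from 0.9.7.10 straight to 0.9.8.1, while the changelog in this same commit lists 0.9.7.11 and 0.9.7.12 as dated releases in between. Please confirm that those releases were published from the dev branch with their own version strings, so that a published package can always be matched to the commit that set its version.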
2 changes: 1 addition & 1 deletion docs/manual/source/connections.rst
Expand Up @@ -34,7 +34,7 @@ Connection parameters are:

* version: LDAP protocol version (defaults to 3)

* authentication: authentication method, can be one of AUTH_ANONYMOUS, AUTH_SIMPLE or AUTH_SASL (aliased with ANONYMOUS, SIMPLE, SASL). Defaults to AUTH_ANONYMOUS if user and password are both None else defaults to AUTH_SIMPLE
* authentication: authentication method, can be one of AUTH_ANONYMOUS, AUTH_SIMPLE or AUTH_SASL (aliased with ANONYMOUS, SIMPLE, SASL) and NTLM. Defaults to AUTH_ANONYMOUS if user and password are both None else defaults to AUTH_SIMPLE. NTLM uses NTLMv2 authentication. Username must be in the form of domain\user.

* client_strategy: communication strategy used by the client (defaults to STRATEGY_SYNC)

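Review bot: In the reworded authentication bullet, "Username must be in the form of domain\user" will lose its backslash when the manual is built, because reStructuredText treats a backslash as an escape character; mark it up as an inline literal so it renders as written. The list itself is also hard to read with "and NTLM" added after the alias parenthesis: state whether the constant is NTLM only or also has an AUTH_ prefixed form like the other three.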
2 changes: 1 addition & 1 deletion docs/manual/source/servers.rst
Expand Up @@ -8,7 +8,7 @@ The Server object specify the DSA (Directory Server Agent) LDAP server that will

* host: name or ip or the complete url in the scheme://hostname:hostport format of the server (required) - port and scheme defined here have precedence over the parameters port and use_tls

* port: the port where the DSA server is listening (defaults to 386, for a cleartext connection)
* port: the port where the DSA server is listening (defaults to 389, for a cleartext connection)

* use_ssl: specifies if the connection is on a secure port (defaults to False). When True the secure port is usually set to 636

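Review bot: The host bullet just above the corrected port line still says the URL takes precedence over "the parameters port and use_tls", but the parameter documented in this list is use_ssl; rename it there so the manual uses one name. While touching this section, "The Server object specify" in the introductory sentence should read "specifies".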
5 changes: 3 additions & 2 deletions docs/manual/source/ssltls.rst
Expand Up @@ -19,14 +19,15 @@ You can customize the Tls object with references to keys, certificates and CAs.

* local_private_key_file: the file with the private key of the client
* local_certificate_file: the certificate of the server
* validate: speficies if the server certificate must be validated, values can be: CERT_NONE (certificates are ignored), CERT_OPTIONAL (not required, but validated if provided) and CERT_REQUIRED (required and validated)
* version: SSL or TLS version to use, can be one of the following: SSLv2, SSLv3, SSLv23, TLSv1 (as per Python 3.3. The version list can be different in another Python versions)
* validate: specifies if the server certificate must be validated, values can be: CERT_NONE (certificates are ignored), CERT_OPTIONAL (not required, but validated if provided) and CERT_REQUIRED (required and validated)
* version: SSL or TLS version to use, can be one of the following: SSLv2, SSLv3, SSLv23, TLSv1 (as per Python 3.3. The version list can be different in other Python versions)
* ca_certs_file: the file containing the certificates of the certification authorities

Tls object uses the ssl module of the Python standard library with additional checking functions that are missing from the Python 2 standard library.

The needed constants are defined in the ssl package.

IF you don't use a specific Tls object and set use_tls=True in the Server definition, a default Tls object will be used, it has no certificate files, uses the ssl.PROTOCOL_SSLv23 (if available in your Python interpreter) and performs no validation of the server certificate. It's recommended to set validate=ssl.CERT_REQUIRED to verify the certificate server.
Example::

tls = Tls(local_private_key_file='client_private_key.pem', local_certificate_file='client_cert.pem', validate=ssl.CERT_REQUIRED, version=ssl.PROTOCOL_TLSv1, ca_certs_file='ca_certs.b64')
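Review bot: The added paragraph says the default Tls object "performs no validation of the server certificate", which means use_tls=True on its own gives an encrypted connection to an unverified server; that belongs in a warning directive, not in a sentence placed directly above "Example::", and it needs a blank line before "Example::" so the two do not merge into one paragraph. In the same paragraph fix "IF" to "If" and "certificate server" to "server certificate", and check use_tls against the use_ssl parameter documented in servers.rst. The unchanged line "local_certificate_file: the certificate of the server" also looks wrong, since the example passes client_cert.pem for it.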