readme

cannatag · Aug 17, 2020 · 5cfc420 · robertquitt · Dec 9, 2020 · 5cfc420
1 parent 270df58
commit 5cfc420
Show file tree

Hide file tree

Showing 2 changed files with 38 additions and 15 deletions.
diff --git a/ldap3/__init__.py b/ldap3/__init__.py
@@ -37,11 +37,11 @@
 KERBEROS = GSSAPI = 'GSSAPI'
 PLAIN = 'PLAIN'
 
-AUTO_BIND_DEFAULT = 'DEFAULT'  # binds connection whens using "with" context manager
-AUTO_BIND_NONE = 'NONE'  # same as False
-AUTO_BIND_NO_TLS = 'NO_TLS'  # same as True
-AUTO_BIND_TLS_BEFORE_BIND = 'TLS_BEFORE_BIND'
-AUTO_BIND_TLS_AFTER_BIND = 'TLS_AFTER_BIND'
+AUTO_BIND_DEFAULT = 'DEFAULT'  # binds connection when using "with" context manager
+AUTO_BIND_NONE = 'NONE'  # same as False, no bind is performed
+AUTO_BIND_NO_TLS = 'NO_TLS'  # same as True, bind is performed without tls
+AUTO_BIND_TLS_BEFORE_BIND = 'TLS_BEFORE_BIND'  # start_tls is performed before bind
+AUTO_BIND_TLS_AFTER_BIND = 'TLS_AFTER_BIND'  # start_tls is performed after bind
 
 # server IP dual stack mode
 IP_SYSTEM_DEFAULT = 'IP_SYSTEM_DEFAULT'

diff --git a/ldap3/core/connection.py b/ldap3/core/connection.py
@@ -530,7 +530,8 @@ def __enter__(self):
                 if self.closed:
                     self.open()
                 if not self.bound:
-                    self.bind()
+                    if not self.bind():
+                        raise LDAPBindError('unable to bind')
 
             return self
 
@@ -709,7 +710,10 @@ def rebind(self,
                 try:
                     return self.bind(read_server_info, controls)
                 except LDAPSocketReceiveError:
-                    raise LDAPBindError('Unable to rebind as a different user, furthermore the server abruptly closed the connection')
+                    self.last_error = 'Unable to rebind as a different user, furthermore the server abruptly closed the connection'
+                    if log_enabled(ERROR):
+                        log(ERROR, '%s for <%s>', self.last_error, self)
+                    raise LDAPBindError(self.last_error)
             else:
                 self.strategy.pool.rebind_pool()
                 return self._prepare_return_value(True, self.result)
@@ -819,7 +823,10 @@ def search(self,
                     else:
                         attribute_name_to_check = attribute_name
                     if self.server.schema and attribute_name_to_check.lower() not in conf_attributes_excluded_from_check and attribute_name_to_check not in self.server.schema.attribute_types:
-                        raise LDAPAttributeError('invalid attribute type ' + attribute_name_to_check)
+                        self.last_error = 'invalid attribute type ' + attribute_name_to_check
+                        if log_enabled(ERROR):
+                            log(ERROR, '%s for <%s>', self.last_error, self)
+                        raise LDAPAttributeError(self.last_error)
 
             request = search_operation(search_base,
                                        search_filter,
@@ -885,10 +892,16 @@ def compare(self,
                 attribute_name_to_check = attribute
 
             if self.server.schema.attribute_types and attribute_name_to_check.lower() not in conf_attributes_excluded_from_check and attribute_name_to_check not in self.server.schema.attribute_types:
-                raise LDAPAttributeError('invalid attribute type ' + attribute_name_to_check)
+                self.last_error = 'invalid attribute type ' + attribute_name_to_check
+                if log_enabled(ERROR):
+                    log(ERROR, '%s for <%s>', self.last_error, self)
+                raise LDAPAttributeError(self.last_error)
 
         if isinstance(value, SEQUENCE_TYPES):  # value can't be a sequence
-            raise LDAPInvalidValueError('value cannot be a sequence')
+            self.last_error = 'value cannot be a sequence'
+            if log_enabled(ERROR):
+                log(ERROR, '%s for <%s>', self.last_error, self)
+            raise LDAPInvalidValueError(self.last_error)
 
         with self.connection_lock:
             self._fire_deferred()
@@ -970,7 +983,10 @@ def add(self,
             if self.server and self.server.schema and self.check_names:
                 for object_class_name in _attributes[object_class_attr_name]:
                     if object_class_name.lower() not in conf_classes_excluded_from_check and object_class_name not in self.server.schema.object_classes:
-                        raise LDAPObjectClassError('invalid object class ' + str(object_class_name))
+                        self.last_error = 'invalid object class ' + str(object_class_name)
+                        if log_enabled(ERROR):
+                            log(ERROR, '%s for <%s>', self.last_error, self)
+                        raise LDAPObjectClassError(self.last_error)
 
                 for attribute_name in _attributes:
                     if ';' in attribute_name:  # remove tags for checking
@@ -979,7 +995,10 @@ def add(self,
                         attribute_name_to_check = attribute_name
 
                     if attribute_name_to_check.lower() not in conf_attributes_excluded_from_check and attribute_name_to_check not in self.server.schema.attribute_types:
-                        raise LDAPAttributeError('invalid attribute type ' + attribute_name_to_check)
+                        self.last_error = 'invalid attribute type ' + attribute_name_to_check
+                        if log_enabled(ERROR):
+                            log(ERROR, '%s for <%s>', self.last_error, self)
+                        raise LDAPAttributeError(self.last_error)
 
             request = add_operation(dn, _attributes, self.auto_encode, self.server.schema if self.server else None, validator=self.server.custom_validator if self.server else None, check_names=self.check_names)
             if log_enabled(PROTOCOL):
@@ -1097,7 +1116,10 @@ def modify(self,
                         attribute_name_to_check = attribute_name
 
                     if self.server.schema.attribute_types and attribute_name_to_check.lower() not in conf_attributes_excluded_from_check and attribute_name_to_check not in self.server.schema.attribute_types:
-                        raise LDAPAttributeError('invalid attribute type ' + attribute_name_to_check)
+                        self.last_error = 'invalid attribute type ' + attribute_name_to_check
+                        if log_enabled(ERROR):
+                            log(ERROR, '%s for <%s>', self.last_error, self)
+                        raise LDAPAttributeError(self.last_error)
                 change = changes[attribute_name]
                 if isinstance(change, SEQUENCE_TYPES) and change[0] in [MODIFY_ADD, MODIFY_DELETE, MODIFY_REPLACE, MODIFY_INCREMENT, 0, 1, 2, 3]:
                     if len(change) != 2:
@@ -1569,8 +1591,9 @@ def _get_entries(self, search_response, search_request):
                             entries.append(entry)
                             break
                     else:
+                        self.last_error = 'attribute set not found for ' + str(resp_attr_set)
                         if log_enabled(ERROR):
-                            log(ERROR, 'attribute set not found for %s in <%s>', resp_attr_set, self)
-                        raise LDAPObjectError('attribute set not found for ' + str(resp_attr_set))
+                            log(ERROR, self.last_error, self)
+                        raise LDAPObjectError(self.last_error)
 
         return entries