Merge pull request #967 from cannatag/fix-reverse-dns-again

Fix ReverseDNSSettings again
cannatag · Jul 15, 2021 · ce4c7bb · ce4c7bb
2 parents a7ec261 + 2832895
commit ce4c7bb
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 1 deletion.
diff --git a/ldap3/__init__.py b/ldap3/__init__.py
@@ -141,6 +141,7 @@
 from .core.connection import Connection
 from .core.tls import Tls
 from .core.pooling import ServerPool
+from .core.rdns import ReverseDnsSetting
 from .abstract.objectDef import ObjectDef
 from .abstract.attrDef import AttrDef
 from .abstract.attribute import Attribute, WritableAttribute, OperationalAttribute

diff --git a/ldap3/core/rdns.py b/ldap3/core/rdns.py
@@ -32,6 +32,8 @@ class ReverseDnsSetting(object):
     REQUIRE_RESOLVE_IP_ADDRESSES_ONLY = 2,
     OPTIONAL_RESOLVE_ALL_ADDRESSES = 3,
     OPTIONAL_RESOLVE_IP_ADDRESSES_ONLY = 4,
+    SUPPORTED_VALUES = {OFF, REQUIRE_RESOLVE_ALL_ADDRESSES, REQUIRE_RESOLVE_IP_ADDRESSES_ONLY,
+                        OPTIONAL_RESOLVE_ALL_ADDRESSES, OPTIONAL_RESOLVE_IP_ADDRESSES_ONLY}
 
 
 def get_hostname_by_addr(addr, success_required=True):

diff --git a/ldap3/protocol/sasl/kerberos.py b/ldap3/protocol/sasl/kerberos.py
@@ -129,7 +129,7 @@ def _common_determine_target_name(connection):
     if connection.sasl_credentials[0] is True:
         hostname = get_hostname_by_addr(connection.socket.getpeername()[0])
         target_name = 'ldap@' + hostname
-    elif isinstance(connection.sasl_credentials[0], ReverseDnsSetting):
+    elif connection.sasl_credentials[0] in ReverseDnsSetting.SUPPORTED_VALUES:
         rdns_setting = connection.sasl_credentials[0]
         # if the rdns_setting is OFF then we won't enter any branch here and will leave hostname as server host,
         # so we'll just use the server host, whatever it is

diff --git a/test/testRdns.py b/test/testRdns.py
@@ -41,6 +41,15 @@ def test_no_broken_backwards_compat_in_enum(self):
         self.assertEqual(ReverseDnsSetting.OPTIONAL_RESOLVE_ALL_ADDRESSES, (3,), fail_msg)
         self.assertEqual(ReverseDnsSetting.OPTIONAL_RESOLVE_IP_ADDRESSES_ONLY, (4,), fail_msg)
 
+        fail_msg = ('Removing values from the set of supported values for reverse dns settings will break '
+                    'backwards compatibility for existing clients on older versions of the ldap3 package. '
+                    'Please do not remove values.')
+        self.assertTrue(ReverseDnsSetting.OFF in ReverseDnsSetting.SUPPORTED_VALUES, fail_msg)
+        self.assertTrue(ReverseDnsSetting.REQUIRE_RESOLVE_ALL_ADDRESSES in ReverseDnsSetting.SUPPORTED_VALUES, fail_msg)
+        self.assertTrue(ReverseDnsSetting.REQUIRE_RESOLVE_IP_ADDRESSES_ONLY in ReverseDnsSetting.SUPPORTED_VALUES, fail_msg)
+        self.assertTrue(ReverseDnsSetting.OPTIONAL_RESOLVE_ALL_ADDRESSES in ReverseDnsSetting.SUPPORTED_VALUES, fail_msg)
+        self.assertTrue(ReverseDnsSetting.OPTIONAL_RESOLVE_IP_ADDRESSES_ONLY in ReverseDnsSetting.SUPPORTED_VALUES, fail_msg)
+
     def test_ipv4_ip_addr_checking(self):
         valid = is_ip_addr('10.254.76.5')
         self.assertTrue(valid, 'IPv4 addresses should be identified as ip addresses')