From a846ea900f9fa7a2baaa4fbd0742f080e7fd7a04 Mon Sep 17 00:00:00 2001
From: Luke Kanies <luke@madstop.com>
Date: Thu, 16 Aug 2007 21:21:40 -0500
Subject: The new parser configuration object works now, but the rest of the
 compiling process is hosed (although the parser itself should still be fine).

The configuration object is unifying a lot of work
that was scattered around either the interpreter or
the scopes, and it simplifies the whole system.

However, its new simplicity has made the complexity
of the rest of the system that much more apparent,
and I am resolved to fixing the system rather than
hacking it sufficiently to just make it work.
---
 lib/puppet/node_source/ldap.rb | 40 ++++++++++++++++++++++++++++++----------
 1 file changed, 30 insertions(+), 10 deletions(-)

(limited to 'lib/puppet/node_source')

diff --git a/lib/puppet/node_source/ldap.rb b/lib/puppet/node_source/ldap.rb
index 9332fcb40..7b60a3c62 100644
--- a/lib/puppet/node_source/ldap.rb
+++ b/lib/puppet/node_source/ldap.rb
@@ -4,14 +4,6 @@ Puppet::Network::Handler::Node.newnode_source(:ldap, :fact_merge => true) do
     # Find the ldap node, return the class list and parent node specially,
     # and everything else in a parameter hash.
     def ldapsearch(node)
-        unless defined? @ldap and @ldap
-            setup_ldap()
-            unless @ldap
-                Puppet.info "Skipping ldap source; no ldap connection"
-                return nil
-            end
-        end
-
         filter = Puppet[:ldapstring]
         classattrs = Puppet[:ldapclassattrs].split("\s*,\s*")
         if Puppet[:ldapattrs] == "all"
@@ -42,7 +34,7 @@ Puppet::Network::Handler::Node.newnode_source(:ldap, :fact_merge => true) do
 
         begin
             # We're always doing a sub here; oh well.
-            @ldap.search(Puppet[:ldapbase], 2, filter, search_attrs) do |entry|
+            ldap.search(Puppet[:ldapbase], 2, filter, search_attrs) do |entry|
                 found = true
                 if pattr
                     if values = entry.vals(pattr)
@@ -76,7 +68,6 @@ Puppet::Network::Handler::Node.newnode_source(:ldap, :fact_merge => true) do
             if count == 0
                 # Try reconnecting to ldap
                 @ldap = nil
-                setup_ldap()
                 retry
             else
                 raise Puppet::Error, "LDAP Search failed: %s" % detail
@@ -115,4 +106,33 @@ Puppet::Network::Handler::Node.newnode_source(:ldap, :fact_merge => true) do
 
         return newnode(node, :classes => classes, :source => "ldap", :parameters => parameters)
     end
+
+    private
+
+    # Create an ldap connection.
+    def ldap
+        unless defined? @ldap and @ldap
+            unless Puppet.features.ldap?
+                raise Puppet::Error, "Could not set up LDAP Connection: Missing ruby/ldap libraries"
+            end
+            begin
+                if Puppet[:ldapssl]
+                    @ldap = LDAP::SSLConn.new(Puppet[:ldapserver], Puppet[:ldapport])
+                elsif Puppet[:ldaptls]
+                    @ldap = LDAP::SSLConn.new(
+                        Puppet[:ldapserver], Puppet[:ldapport], true
+                    )
+                else
+                    @ldap = LDAP::Conn.new(Puppet[:ldapserver], Puppet[:ldapport])
+                end
+                @ldap.set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3)
+                @ldap.set_option(LDAP::LDAP_OPT_REFERRALS, LDAP::LDAP_OPT_ON)
+                @ldap.simple_bind(Puppet[:ldapuser], Puppet[:ldappassword])
+            rescue => detail
+                raise Puppet::Error, "Could not connect to LDAP: %s" % detail
+            end
+        end
+
+        return @ldap
+    end
 end
-- 
cgit