From cacb41e93b377496e77f824f4f1b0ce206da0bed Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Tue, 17 Mar 2015 20:25:18 -0400
Subject: Add LDAP test

This finally tests the LDAP login/info plugins as well as the special
"groups" attribute.

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 ipsilon/info/infoldap.py  | 7 ++++++-
 ipsilon/login/authldap.py | 7 ++++++-
 2 files changed, 12 insertions(+), 2 deletions(-)

(limited to 'ipsilon')

diff --git a/ipsilon/info/infoldap.py b/ipsilon/info/infoldap.py
index e56a6a0..01d2512 100644
--- a/ipsilon/info/infoldap.py
+++ b/ipsilon/info/infoldap.py
@@ -209,7 +209,12 @@ class Installer(InfoProviderInstaller):
             config['user dn template'] = opts['info_ldap_user_dn_template']
         elif 'ldap_bind_dn_template' in opts:
             config['user dn template'] = opts['ldap_bind_dn_template']
-        config['tls'] = 'Demand'
+        if 'info_ldap_tls_level' in opts and opts['info_ldap_tls_level']:
+            config['tls'] = opts['info_ldap_tls_level']
+        elif 'ldap_tls_level' in opts and opts['ldap_tls_level']:
+            config['tls'] = opts['ldap_tls_level']
+        else:
+            config['tls'] = 'Demand'
         if 'info_ldap_base_dn' in opts and opts['info_ldap_base_dn']:
             config['base dn'] = opts['info_ldap_base_dn']
         elif 'ldap_base_dn' in opts and opts['ldap_base_dn']:
diff --git a/ipsilon/login/authldap.py b/ipsilon/login/authldap.py
index db58360..595d6be 100644
--- a/ipsilon/login/authldap.py
+++ b/ipsilon/login/authldap.py
@@ -190,6 +190,8 @@ class Installer(LoginManagerInstaller):
                            help='LDAP Server Url')
         group.add_argument('--ldap-bind-dn-template', action='store',
                            help='LDAP Bind DN Template')
+        group.add_argument('--ldap-tls-level', action='store', default=None,
+                           help='LDAP TLS level')
         group.add_argument('--ldap-base-dn', action='store',
                            help='LDAP Base DN')
 
@@ -208,7 +210,10 @@ class Installer(LoginManagerInstaller):
             config['server url'] = opts['ldap_server_url']
         if 'ldap_bind_dn_template' in opts:
             config['bind dn template'] = opts['ldap_bind_dn_template']
-        config['tls'] = 'Demand'
+        if 'ldap_tls_level' in opts and opts['ldap_tls_level'] is not None:
+            config['tls'] = opts['ldap_tls_level']
+        else:
+            config['tls'] = 'Demand'
         if 'ldap_base_dn' in opts and opts['ldap_base_dn'] is not None:
             config['base dn'] = opts['ldap_base_dn']
         po.save_plugin_config(config)
-- 
cgit