Product
Introducing Enhanced Alert Actions and Triage Functionality
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.
Readme
Ldap utils library.
pip install ldaputils
# use your own host, port, username and password values.
# username must be a fully qualified dn.
# Use ipython help to see more init parameters.
server = LdapService(
host="localhost,
port=389,
username="cn=admin,dc=example,dc=com",
password="adminpassword",
)
name = nameutils.get_random_name() # use fastutils.nameutils.get_random_name for test
username = pinyinutils.to_pinyin(name).lower()
user_detail = {
"cn": name,
"ou": "AI Tech Group",
"l": "HangZhou, China",
}
assert self.server.add_user_entry(username, user_detail)
assert self.server.delete_user_entry(username)
wrap socket error: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:1006)
problem.This is not a problem of ldaputils
library, nor is a problem of ldap3
library. It happens because ssl client and the server using different protocols.
openssl s_client -connect x.x.x.x:389 -showcerts -starttls ldap
Type shell command above.
Replace x.x.x.x:389 with your own ldap server address and port.
The output may looks like:
...
...
---
New, TLSv1.2, Cipher is AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : AES256-GCM-SHA384
Session-ID: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Session-ID-ctx:
Master-Key: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - 19 1a 2e c9 bc 3a c8 2b-27 ab 9c cf 94 12 f8 79 .......['4......
0010 - bd 1a 9a c9 52 3e ac 2d-af ab aa cf c6 09 f8 7f .........R.>...O
0020 - 63 1a b9 c9 73 34 ea 27-4d ab a8 cf 2f 12 f8 79 c..-s4..M..**...
0030 - ac 1a 18 c9 40 35 4f 26-ce ab ca cf 95 60 f8 71 ....@.O....\.`.a
0040 - 19 1a 2e c9 9d 34 ba 28-90 ab 50 cf ce 8c f8 79 .......8.oP7..U.
0050 - d5 1a 3b c9 cc 36 61 27-ff ab 0f cf 4c 34 f8 70 ..;..f..... L4..
0060 - c8 1a 1b c9 b3 3e a5 27-e0 ab 21 cf 1a 84 f8 75 .<........!...d.
0070 - 26 1a 1b c9 6b 34 a2 24-03 ab 57 cf 70 e1 f8 74 fW.ykD.t.vxXt..t
0080 - 8c 1a 52 c9 46 39 e3 2b-44 ab 66 cf 23 b3 f8 7d ..rrfxI..D.x.#.;M
0090 - 74 1a f8 c9 af 37 37 2b-89 ab 62 cf 53 5c f8 7b t8...G7...bGx\..
Start Time: 1697691557
Timeout : 7200 (sec)
Verify return code: 10 (certificate has expired)
Extended master secret: no
---
...
...
You can found out what Protocol
and Cipher
your server is using.
from ldap3 import Tls
from ldaputils import LdapService
tls = Tls(
version=ssl.PROTOCOL_TLSv1_2,
ciphers="AES256-GCM-SHA384",
)
service = LdapService(
host="x.x.x.x",
port=389,
username="cn=admin,dc=example,dc=com",
password="example",
base_dn="dc=example,dc=com",
server_params={
"tls": tls,
},
)
server_params
and you will get SSL problem solved.FAQs
Ldap utils library.
We found that ldaputils demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.
Security News
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
Security News
OpenSSF is warning open source maintainers to stay vigilant against reputation farming on GitHub, where users artificially inflate their status by manipulating interactions on closed issues and PRs.