1 files changed, 33 insertions, 22 deletions

diff --git a/pykolab/auth/ldap/__init__.py b/pykolab/auth/ldap/__init__.py
index 64fa1b5..f9e27ff 100644
--- a/pykolab/auth/ldap/__init__.py
+++ b/pykolab/auth/ldap/__init__.py
@@ -116,8 +116,7 @@ class LDAP(pykolab.base.Base):
         pykolab.base.Base.__init__(self, domain=domain)
 
         self.ldap = None
-        self.bind = None
-
+        self.bind = False
         if domain == None:
             self.domain = conf.get('kolab', 'primary_domain')
         else:
@@ -231,7 +230,8 @@ class LDAP(pykolab.base.Base):
 
                 # Needs to be synchronous or succeeds and continues setting retval
                 # to True!!
-                retval = self._bind(entry_dn, login[1])
+                self.ldap.simple_bind_s(entry_dn, login[1])
+                retval = True
                 try:
                     auth_cache.set_entry(_filter, entry_dn)
                 except Exception, errmsg:
@@ -260,12 +260,13 @@ class LDAP(pykolab.base.Base):
 
                 # Needs to be synchronous or succeeds and continues setting retval
                 # to True!!
-                retval = self._bind(entry_dn, login[1])
+                self.ldap.simple_bind_s(entry_dn, login[1])
                 auth_cache.set_entry(_filter, entry_dn)
+                retval = True
 
             except ldap.NO_SUCH_OBJECT, errmsg:
                 log.debug(_("Error occured, there is no such object: %r") % (errmsg), level=8)
-                self.bind = None
+                self.bind = False
                 try:
                     auth_cache.del_entry(_filter)
                 except:
@@ -980,11 +981,8 @@ class LDAP(pykolab.base.Base):
         return entry_modifications
 
     def reconnect(self):
-        bind = self.bind
         self._disconnect()
         self.connect()
-        if bind is not None:
-            self._bind(bind['dn'], bind['pw'])
 
     def search_entry_by_attribute(self, attr, value, **kw):
         self._bind()
@@ -1185,33 +1183,27 @@ class LDAP(pykolab.base.Base):
     ### API depth level increasing!
     ###
 
-    def _bind(self, bind_dn=None, bind_pw=None):
+    def _bind(self):
         if self.ldap == None:
             self.connect()
 
-        if self.bind is None or bind_dn is None:
-            if bind_dn is None:
-                bind_dn = self.config_get('bind_dn')
-            if bind_pw is None:
-                bind_pw = self.config_get('bind_pw')
+        if not self.bind:
+            bind_dn = self.config_get('bind_dn')
+            bind_pw = self.config_get('bind_pw')
 
             # TODO: Binding errors control
             try:
                 self.ldap.simple_bind_s(bind_dn, bind_pw)
-                self.bind = {'dn': bind_dn, 'pw': bind_pw}
+                self.bind = True
             except ldap.SERVER_DOWN, errmsg:
                 log.error(_("LDAP server unavailable: %r") % (errmsg))
                 log.error(_("%s") % (traceback.format_exc()))
-                return False
             except ldap.INVALID_CREDENTIALS:
                 log.error(_("Invalid DN, username and/or password."))
-                return False
 
         else:
             log.debug(_("_bind called, but already bound"), level=9)
 
-        return True
-
     def _change_add_group(self, entry, change):
         """
             An entry of type group was added.
@@ -2083,7 +2075,7 @@ class LDAP(pykolab.base.Base):
         self._unbind()
         del self.ldap
         self.ldap = None
-        self.bind = None
+        self.bind = False
 
     def _domain_naming_context(self, domain):
         self._bind()
@@ -2276,7 +2268,11 @@ class LDAP(pykolab.base.Base):
 
         log.debug(_("Finding domain root dn for domain %s") % (domain), level=8)
 
+        bind_dn = conf.get('ldap', 'bind_dn')
+        bind_pw = conf.get('ldap', 'bind_pw')
+
         domain_base_dn = conf.get('ldap', 'domain_base_dn', quiet=True)
+
         domain_filter = conf.get('ldap', 'domain_filter')
 
         if not domain_filter == None:
@@ -2357,7 +2353,9 @@ class LDAP(pykolab.base.Base):
         log.debug(_("Listing domains..."), level=8)
 
         self.connect()
-        self._bind()
+
+        bind_dn = conf.get('ldap', 'bind_dn')
+        bind_pw = conf.get('ldap', 'bind_pw')
 
         domain_base_dn = conf.get('ldap', 'domain_base_dn', quiet=True)
 
@@ -2375,6 +2373,12 @@ class LDAP(pykolab.base.Base):
         if domain_base_dn == None or domain_filter == None:
             return []
 
+        # TODO: this function should be wrapped for error handling
+        try:
+            self.ldap.simple_bind_s(bind_dn, bind_pw)
+        except ldap.SERVER_DOWN, e:
+            raise AuthBackendError, _("Authentication database DOWN")
+
         dna = self.config_get('domain_name_attribute')
         if dna == None:
             dna = 'associateddomain'
@@ -2411,6 +2415,13 @@ class LDAP(pykolab.base.Base):
 
         return domains
 
+    def _reconnect(self):
+        """
+            Reconnect to LDAP
+        """
+        self._disconnect()
+        self.connect()
+
     def _synchronize_callback(self, *args, **kw):
         """
            Determine the characteristics of the callback being placed, and
@@ -2531,7 +2542,7 @@ class LDAP(pykolab.base.Base):
         """
 
         self.ldap.unbind()
-        self.bind = None
+        self.bind = False
 
     ###
     ### Backend search functions