mirror of
https://git.lapiole.org/dani/ansible-roles.git
synced 2025-07-26 15:55:56 +02:00
Update to 2022-01-12 23:00
This commit is contained in:
Daniel Berteaud
@@ -53,48 +53,7 @@ if ( -e $opt->{config} ) {
|
||||
die "Config file " . $opt->{config} . " doesn't exist\n";
|
||||
}
|
||||
|
||||
# If ldap is configured, we'll use it to lookup email
|
||||
# addresses of submitters to send them notifications
|
||||
my $ldap;
|
||||
my $ldap_msg;
|
||||
if (defined $conf->{ldap} and defined $conf->{ldap}->{servers}){
|
||||
log_verbose("Connecting to " . join(', ', @{$conf->{ldap}->{servers}}));
|
||||
$ldap = new Net::LDAP($conf->{ldap}->{servers},
|
||||
timeout => 10,
|
||||
);
|
||||
if (not defined $ldap){
|
||||
log_info("Couldn't connect to any LDAP servers (" . join(',', @{$conf->{ldap}->{servers}}) . ")");
|
||||
} else {
|
||||
if (defined $conf->{ldap}->{start_tls} and $conf->{ldap}->{start_tls}){
|
||||
log_verbose("Upgrade LDAP connection using StartTLS");
|
||||
$ldap_msg = $ldap->start_tls(
|
||||
verify => 'require'
|
||||
);
|
||||
if ($ldap_msg->code){
|
||||
log_verbose("StartTLS failed : " . $ldap_msg->error);
|
||||
log_verbose("LDAP support will be disabled");
|
||||
$ldap = undef;
|
||||
}
|
||||
}
|
||||
if (defined $conf->{ldap}->{bind_dn} and defined $conf->{ldap}->{bind_pass}){
|
||||
log_verbose("Binding as $conf->{ldap}->{bind_dn}");
|
||||
$ldap_msg = $ldap->bind(
|
||||
$conf->{ldap}->{bind_dn},
|
||||
password => $conf->{ldap}->{bind_pass}
|
||||
);
|
||||
if ($ldap_msg->code){
|
||||
log_verbose("LDAP bind failed : " . $ldap_msg->error);
|
||||
log_verbose("LDAP support will be disabled");
|
||||
$ldap = undef;
|
||||
}
|
||||
} else {
|
||||
log_verbose("Using anonymous bind");
|
||||
$ldap_msg = $ldap->bind;
|
||||
}
|
||||
}
|
||||
} else {
|
||||
log_verbose("No LDAP servers configured");
|
||||
}
|
||||
|
||||
my $inotify = new Linux::Inotify2
|
||||
or die "Unable to create new inotify object: $!";
|
||||
@@ -161,8 +120,9 @@ sub handle_submit {
|
||||
my $submiter = getpwuid(stat($srpm)->uid);
|
||||
my $email;
|
||||
log_info("File submited by $submiter");
|
||||
my $ldap = ldap_connect();
|
||||
if (defined $ldap){
|
||||
$email = user2email($submiter);
|
||||
$email = user2email($ldap, $submiter);
|
||||
if (not defined $email){
|
||||
log_verbose("LDAP returned no result");
|
||||
}
|
||||
@@ -172,6 +132,8 @@ sub handle_submit {
|
||||
} else {
|
||||
log_verbose("No email address for $submiter, no notification will be sent");
|
||||
}
|
||||
$ldap->done;
|
||||
$ldap->disconnect;
|
||||
# Do not check the signature here
|
||||
# We could try to submit a signed src.rpm for which we do not have the key system-wide
|
||||
my $src_pkg = RPM2->open_package($srpm, RPM2->_rpmvsf_nosignatures);
|
||||
@@ -288,6 +250,11 @@ sub handle_submit {
|
||||
);
|
||||
}
|
||||
}
|
||||
if (defined $ldap){
|
||||
$ldap->done;
|
||||
$ldap->disconnect;
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
# Handle errors. Log it, and notify the admin
|
||||
@@ -298,13 +265,6 @@ sub handle_error {
|
||||
my $dest = shift;
|
||||
|
||||
log_error( $err );
|
||||
if ( defined $conf->{notify}->{to} ) {
|
||||
send_notification(
|
||||
$conf->{notify}->{to},
|
||||
"Error while building $job_id",
|
||||
"Building $job_id failed at step '$step'. The error was\n$err\n"
|
||||
);
|
||||
}
|
||||
if ( defined $dest ) {
|
||||
send_notification(
|
||||
$dest,
|
||||
@@ -337,8 +297,10 @@ sub send_notification {
|
||||
|
||||
# Lookup in LDAP if we can get the email address of a user
|
||||
sub user2email {
|
||||
my $ldap = shift;
|
||||
my $user = shift;
|
||||
if (not defined $ldap or not defined $conf->{ldap}->{search_base} or not defined $conf->{ldap}->{search_filter}){
|
||||
log_verbose("LDAP not connected or not configured, skiping lookup");
|
||||
return;
|
||||
}
|
||||
my $filter = $conf->{ldap}->{search_filter};
|
||||
@@ -359,3 +321,48 @@ sub user2email {
|
||||
}
|
||||
return $results->entry(0)->get_value( $conf->{ldap}->{email_attr} );
|
||||
}
|
||||
|
||||
# Connect to LDAP
|
||||
# which will be used to lookup the email address of the submiter
|
||||
sub ldap_connect {
|
||||
my $ldaph;
|
||||
if (defined $conf->{ldap} and defined $conf->{ldap}->{servers}){
|
||||
log_verbose("Connecting to " . join(', ', @{$conf->{ldap}->{servers}}));
|
||||
$ldaph = new Net::LDAP($conf->{ldap}->{servers},
|
||||
timeout => 10,
|
||||
);
|
||||
if (not defined $ldaph){
|
||||
log_info("Couldn't connect to any LDAP servers (" . join(',', @{$conf->{ldap}->{servers}}) . ")");
|
||||
} else {
|
||||
if (defined $conf->{ldap}->{start_tls} and $conf->{ldap}->{start_tls}){
|
||||
log_verbose("Upgrade LDAP connection using StartTLS");
|
||||
$ldap_msg = $ldaph->start_tls(
|
||||
verify => 'require'
|
||||
);
|
||||
if ($ldap_msg->code){
|
||||
log_verbose("StartTLS failed : " . $ldap_msg->error);
|
||||
log_verbose("LDAP support will be disabled");
|
||||
$ldaph = undef;
|
||||
}
|
||||
}
|
||||
if (defined $conf->{ldap}->{bind_dn} and defined $conf->{ldap}->{bind_pass}){
|
||||
log_verbose("Binding as $conf->{ldap}->{bind_dn}");
|
||||
$ldap_msg = $ldaph->bind(
|
||||
$conf->{ldap}->{bind_dn},
|
||||
password => $conf->{ldap}->{bind_pass}
|
||||
);
|
||||
if ($ldap_msg->code){
|
||||
log_verbose("LDAP bind failed : " . $ldap_msg->error);
|
||||
log_verbose("LDAP support will be disabled");
|
||||
$ldaph = undef;
|
||||
}
|
||||
} else {
|
||||
log_verbose("Using anonymous bind");
|
||||
$ldap_msg = $ldaph->bind;
|
||||
}
|
||||
}
|
||||
} else {
|
||||
log_verbose("No LDAP servers configured");
|
||||
}
|
||||
return $ldaph;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user