userdir_ldap.py: read auth password from environment if set

diff --git a/debian/changelog b/debian/changelog
index 6aeaebe..6feea47 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -13,12 +13,13 @@ userdir-ldap (0.3.XXX) UNRELEASED; urgency=low
     - do not hard-code 'debian.org' in the 'write-zonefile debian.org' call,
       but instead re-use the domain from email-append.
     - now preserve server side modifcation times when rsyncing data.
+  * userdir_ldap.py: read auth password from environment if set.
 
   [ Stephen Gran ]
   * Fix deprecation warnings for sha module by using hashlib module instead
   * ud-fingerserv: update Net::LDAP import
 
- -- Peter Palfrader <weasel@debian.org>  Thu, 29 Dec 2011 22:05:22 +0100
+ -- Peter Palfrader <weasel@debian.org>  Mon, 05 Mar 2012 11:17:36 +0100
 
 userdir-ldap (0.3.79) unstable; urgency=low
 

diff --git a/userdir_ldap.py b/userdir_ldap.py
index 9e99899..9972136 100644 (file)
--- a/userdir_ldap.py
+++ b/userdir_ldap.py
@@ -126,7 +126,10 @@ def passwdAccessLDAP(BaseDn, AdminUser):
    """
    print "Accessing LDAP directory as '" + AdminUser + "'";
    while (1):
-      Password = getpass.getpass(AdminUser + "'s password: ")
+      if 'LDAP_PASSWORD' in os.environ:
+          Password = os.environ['LDAP_PASSWORD']
+      else:
+          Password = getpass.getpass(AdminUser + "'s password: ")
 
       if len(Password) == 0:
          sys.exit(0)
@@ -138,6 +141,9 @@ def passwdAccessLDAP(BaseDn, AdminUser):
       try:
          l.simple_bind_s(UserDn,Password);
       except ldap.INVALID_CREDENTIALS:
+         if 'LDAP_PASSWORD' in os.environ:
+             print "password in environment does not work"
+             del os.environ['LDAP_PASSWORD']
          continue
       break
    return l