python-ldap hanging for 15 minutes under certain conditions

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi

I'm trying to do a search against Samba 4's LDAP server and it works,
but the bind and search are both successful, everything hangs when I
try to unbind from the LDAP server.  If anyone could enlighten me I
would be grateful.

I've run into the same issue on various different Linux machines with
a range of OpenLDAP and python-ldap versions, but it seems to work
fine on a Mac running Leopard.

e.g. Ubuntu Lucid Lynx with libldap2-dev version 2.4.21-0ubuntu5.3 and
python-ldap 2.3.10-1ubuntu1.

I've also tried upgrading python-ldap to 2.3.12, but that does not
seep to have helped.

def test(username, password):
    base = "DC=example,DC=com"
    userbase = "CN=Users," + base
    userdn = "CN=%s,%s" % (username, userbase)
    ldap_server = "ldap://example.com"
    conn = ldap.initialize(ldap_server)
    conn.set_option(ldap.OPT_REFERRALS, 0) # Doesn't appear to make a difference
    conn.start_tls_s()
    try:
        conn.simple_bind_s(userdn, password)
        logging.debug("Bind succeeded for '%s'", username)
    except ldap.LDAPError, e:
        logging.warn("Authentication failed for '%s'", username)
        return False
    res = conn.search_s("CN=Some Group,CN=Users,DC=bluebird,DC=co,DC=za",
                        ldap.SCOPE_BASE, filterstr="(member=%s)" % userdn,
                        attrlist=["member"])
    if len(res) != 1:
        logging.debug("User '%s' is not in the Some Group group", username)
        conn.unbind()
        return False
    logging.debug("User '%s' appears to be in the Some Group group", username)
    conn.unbind() # <- hangs here for 15 minutes.
    logging.debug("Unbound.")
    return True

-- 
Michael Wood <esi...@gm...>