From a3b2e41864631eab926de8a379edff97ad1e1936 Mon Sep 17 00:00:00 2001
From: holczer <holczer@crysys.hu>
Date: Tue, 16 Jun 2020 16:53:20 +0200
Subject: [PATCH] corrected multi ldap server handling

---
 radicale_auth_ldap/__init__.py | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/radicale_auth_ldap/__init__.py b/radicale_auth_ldap/__init__.py
index f940e4c..5741f5e 100644
--- a/radicale_auth_ldap/__init__.py
+++ b/radicale_auth_ldap/__init__.py
@@ -37,7 +37,14 @@ import radicale_auth_ldap.ldap3imports
 class Auth(BaseAuth):
     def is_authenticated(self, user, password):
         """Check if ``user``/``password`` couple is valid."""
-        SERVER = ldap3.Server(self.configuration.get("auth", "ldap_url"))
+        server_list = self.configuration.get("auth", "ldap_url")
+        if ' ' in server_list:  # Handle for multiple LDAP server defined in ldap_url with space separation
+            servers = server_list.split(' ')
+            SERVER = ldap3.ServerPool(None)
+            for s in servers:
+                SERVER.add(ldap3.Server(s))
+        else:  # only one server is defined
+            SERVER = ldap3.Server(server_list)
         BASE = self.configuration.get("auth", "ldap_base")
         ATTRIBUTE = self.configuration.get("auth", "ldap_attribute")
         FILTER = self.configuration.get("auth", "ldap_filter")
@@ -46,9 +53,6 @@ class Auth(BaseAuth):
         SCOPE = self.configuration.get("auth", "ldap_scope")
         SUPPORT_EXTENDED = self.configuration.getboolean("auth", "ldap_support_extended", fallback=True)
 
-        if ' ' in SERVER:  # Handle if multiple LDAP server is defined in ldap_url with space separation
-            SERVER = SERVER.split(' ')  # ldap3.connection can handle multiple servers in a list as an implicit server pool
-        
         if BINDDN and PASSWORD:
             conn = ldap3.Connection(SERVER, BINDDN, PASSWORD)
         else: