authorrcritten@redhat.com <rcritten@redhat.com>2007-09-21 14:39:52 -0400
committerrcritten@redhat.com <rcritten@redhat.com>2007-09-21 14:39:52 -0400
commit2fec56d679ff686c4bb3d2fe37b8e0866ad765b4 (patch)
treee119c8274415ccb24a2d60bc14bdbab276786214
parent7b969737112c7a26711c3d4a9713ef1ca30f1be8 (diff)
Enable LDAP debugging using the mod_python Apache configuration directive
PythonOption IPADebug On/Off
-rw-r--r--ipa-server/ipaserver/ipaldap.py5
-rw-r--r--ipa-server/xmlrpc-server/funcs.py18
-rw-r--r--ipa-server/xmlrpc-server/ipa.conf3
-rw-r--r--ipa-server/xmlrpc-server/ipaxmlrpc.py4
4 files changed, 20 insertions, 10 deletions
diff --git a/ipa-server/ipaserver/ipaldap.py b/ipa-server/ipaserver/ipaldap.py
index 69d909222..ffbb2168d 100644
--- a/ipa-server/ipaserver/ipaldap.py
+++ b/ipa-server/ipaserver/ipaldap.py
@@ -209,13 +209,14 @@ class IPAdmin(SimpleLDAPObject):
else:
SimpleLDAPObject.__init__(self,'ldap://%s:%d' % (self.host,self.port))
- def __init__(self,host,port,cacert,bindcert,bindkey,proxydn=None):
+ def __init__(self,host,port,cacert,bindcert,bindkey,proxydn=None,debug=None):
"""We just set our instance variables and wrap the methods - the real
work is done in __localinit__ and __initPart2 - these are separated
out this way so that we can call them from places other than
instance creation e.g. when we just need to reconnect, not create a
new instance"""
-# ldap.set_option(ldap.OPT_DEBUG_LEVEL,255)
+ if debug.lower() == "on":
+ ldap.set_option(ldap.OPT_DEBUG_LEVEL,255)
if cacert is not None:
ldap.set_option(ldap.OPT_X_TLS_CACERTFILE,cacert)
ldap.set_option(ldap.OPT_X_TLS_CERTFILE,bindcert)
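Review bot: `debug` defaults to None, but the new `if debug.lower() == "on":` dereferences it unconditionally. Any caller that omits the argument, or passes the None that results when the IPADebug option is unset, gets an AttributeError before the TLS options are applied. Guard it, e.g. `if debug is not None and debug.lower() == "on":`. Also, `ldap.set_option(ldap.OPT_DEBUG_LEVEL,255)` is a module-level setting, so it affects every connection in the process and is never reset once one connection asks for it; a short comment saying so would help. The rest of `__init__` lies outside the hunk.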
diff --git a/ipa-server/xmlrpc-server/funcs.py b/ipa-server/xmlrpc-server/funcs.py
index e1e7d3fff..a09f5c4ee 100644
--- a/ipa-server/xmlrpc-server/funcs.py
+++ b/ipa-server/xmlrpc-server/funcs.py
@@ -49,7 +49,7 @@ class IPAConnPool:
def __init__(self):
self.freelist = []
- def getConn(self, host, port, bindca, bindcert, bindkey, proxydn=None, krbccache=None):
+ def getConn(self, host, port, bindca, bindcert, bindkey, proxydn=None, krbccache=None, debug=None):
conn = None
if len(self.freelist) > 0:
for i in range(len(self.freelist)):
@@ -58,7 +58,7 @@ class IPAConnPool:
conn = self.freelist.pop(i)
break
if conn is None:
- conn = ipaserver.ipaldap.IPAdmin(host,port,bindca,bindcert,bindkey)
+ conn = ipaserver.ipaldap.IPAdmin(host,port,bindca,bindcert,bindkey,None,debug)
if proxydn is not None:
conn.set_proxydn(proxydn)
else:
@@ -99,13 +99,13 @@ class IPAServer:
def set_krbccache(self, krbccache):
self.krbccache = krbccache
- def get_dn_from_principal(self, princ):
+ def get_dn_from_principal(self, princ, debug):
"""Given a kerberos principal get the LDAP uid"""
global _LDAPPool
filter = "(krbPrincipalName=" + princ + ")"
# The only anonymous search we should have
- conn = _LDAPPool.getConn(self.host,self.sslport,self.bindca,self.bindcert,self.bindkey,None,None)
+ conn = _LDAPPool.getConn(self.host,self.sslport,self.bindca,self.bindcert,self.bindkey,None,None,debug)
try:
ent = conn.getEntry(self.basedn, self.scope, filter, ['dn'])
finally:
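Review bot: `debug` is added to `get_dn_from_principal` as a required positional parameter, while `getConn` and `IPAdmin.__init__` in this commit take it as `debug=None`. Any caller not shown here that still passes only `princ` would fail with a TypeError. `def get_dn_from_principal(self, princ, debug=None):` keeps the old call form working. The method body continues past the end of the hunk.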
@@ -124,6 +124,8 @@ class IPAServer:
that and None for proxy dn to make calling getConn() easier.
"""
+ debug = opts.get('ipadebug')
+
if opts:
if opts.get('krbccache'):
self.set_krbccache(opts['krbccache'])
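Review bot: `debug = opts.get('ipadebug')` runs before the `if opts:` guard that follows it. When `opts` is None, which is the case the guard appears to exist for, this raises AttributeError instead of falling through. Move the lookup under the guard, or write `debug = opts.get('ipadebug') if opts else None`. The function's signature and the rest of its body are outside the hunk.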
@@ -137,9 +139,9 @@ class IPAServer:
pass
if self.princ is not None:
- return self.get_dn_from_principal(self.princ), None
+ return self.get_dn_from_principal(self.princ, debug), None, debug
else:
- return None, self.krbccache
+ return None, self.krbccache, debug
def getConnection(self, opts):
"""Wrapper around IPAConnPool.getConn() so we don't have to pass
@@ -151,7 +153,7 @@ class IPAServer:
"""
global _LDAPPool
- (proxy_dn, krbccache) = self.__setup_connection(opts)
+ (proxy_dn, krbccache, debug) = self.__setup_connection(opts)
if krbccache is not None:
bindca = None
@@ -167,7 +169,7 @@ class IPAServer:
else:
return None
- return _LDAPPool.getConn(self.host,port,bindca,bindcert,bindkey,proxy_dn,krbccache)
+ return _LDAPPool.getConn(self.host,port,bindca,bindcert,bindkey,proxy_dn,krbccache,debug)
def releaseConnection(self, conn):
global _LDAPPool
diff --git a/ipa-server/xmlrpc-server/ipa.conf b/ipa-server/xmlrpc-server/ipa.conf
index 784f26173..9b73ec69d 100644
--- a/ipa-server/xmlrpc-server/ipa.conf
+++ b/ipa-server/xmlrpc-server/ipa.conf
@@ -51,6 +51,9 @@ Alias /ipa "/usr/share/ipa/ipaserver/XMLRPC"
PythonDebug Off
+ # Some IPA-specific configuration options
+ PythonOption IPADebug Off
+
# this is pointless to use since it would just reload ipaxmlrpc.py
PythonAutoReload Off
</Directory>
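Review bot: The added comment does not say what IPADebug does or what turning it on costs. Judging from the ipaldap.py change in this commit, `On` sets the LDAP library debug level to 255 for the whole process. That trace presumably lands in the Apache error log and may include directory data from LDAP requests and responses. I would document that next to the directive, e.g. `# IPADebug On enables verbose LDAP library tracing (debug level 255); leave Off outside troubleshooting and restrict access to the resulting logs`.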
diff --git a/ipa-server/xmlrpc-server/ipaxmlrpc.py b/ipa-server/xmlrpc-server/ipaxmlrpc.py
index 861de8e5c..09346a4ca 100644
--- a/ipa-server/xmlrpc-server/ipaxmlrpc.py
+++ b/ipa-server/xmlrpc-server/ipaxmlrpc.py
@@ -130,6 +130,7 @@ class ModXMLRPCRequestHandler(object):
"""Dispatches an XML-RPC method from marshalled (XML) data."""
params, method = loads(data)
+ pythonopts = req.get_options()
# Populate the Apache environment variables
req.add_common_vars()
@@ -140,6 +141,9 @@ class ModXMLRPCRequestHandler(object):
if req.subprocess_env.get("KRB5CCNAME") is not None:
opts['krbccache'] = req.subprocess_env.get("KRB5CCNAME")
+ if pythonopts.get("IPADebug"):
+ opts['ipadebug'] = pythonopts.get("IPADebug")
+
# Tack onto the end of the passed-in arguments any options we also
# need
params = params + (opts,)