diff options
author | Petr Viktorin <pviktori@redhat.com> | 2013-01-31 08:26:38 -0500 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2013-03-13 12:36:33 +0100 |
commit | 664248d5b846321f61e0776b646cca82c5a17884 (patch) | |
tree | 63547fb882cfc17b82284042da8a3073bc42f8bd /install/migration/migration.py | |
parent | a0242334feb3da01430f517806768965dabe92c2 (diff) | |
download | freeipa-664248d5b846321f61e0776b646cca82c5a17884.tar.gz freeipa-664248d5b846321f61e0776b646cca82c5a17884.tar.xz freeipa-664248d5b846321f61e0776b646cca82c5a17884.zip |
Use IPAdmin rather than raw python-ldap in migration.py and ipadiscovery.py
These used ipautil.get_ipa_basedn. Convert that to use the new wrappers.
Beef up the error handling in ipaldap to accomodate the errors we catch
in the server discovery.
Add a DatabaseTimeout exception to errors.py.
These were the last uses of ipautil.convert_ldap_error, remove that.
https://fedorahosted.org/freeipa/ticket/3487
https://fedorahosted.org/freeipa/ticket/3446
Diffstat (limited to 'install/migration/migration.py')
-rw-r--r-- | install/migration/migration.py | 26 |
1 files changed, 6 insertions, 20 deletions
diff --git a/install/migration/migration.py b/install/migration/migration.py index 81b15b021..27e23a59f 100644 --- a/install/migration/migration.py +++ b/install/migration/migration.py @@ -23,7 +23,6 @@ Password migration script import cgi import errno import glob -import ldap import wsgiref from ipapython.ipa_log_manager import root_logger @@ -33,19 +32,6 @@ from ipapython.ipaldap import IPAdmin from ipalib import errors -def convert_exception(error): - """ - Convert an LDAP exception into something more readable. - """ - if not isinstance(error, ldap.TIMEOUT): - desc = error.args[0]['desc'].strip() - info = error.args[0].get('info', '').strip() - else: - desc = '' - info = '' - - return '%s (%s)' % (desc, info) - def wsgi_redirect(start_response, loc): start_response('302 Found', [('Location', loc)]) return [] @@ -63,14 +49,14 @@ def get_base_dn(ldap_uri): Retrieve LDAP server base DN. """ try: - conn = ldap.initialize(ldap_uri) - conn.simple_bind_s('', '') + conn = IPAdmin(ldap_uri=ldap_uri) + conn.do_simple_bind(DN(), '') base_dn = get_ipa_basedn(conn) - except ldap.LDAPError, e: + except Exception, e: root_logger.error('migration context search failed: %s' % e) return '' finally: - conn.unbind_s() + conn.unbind() return base_dn @@ -82,14 +68,14 @@ def bind(ldap_uri, base_dn, username, password): bind_dn = DN(('uid', username), ('cn', 'users'), ('cn', 'accounts'), base_dn) try: conn = IPAdmin(ldap_uri=ldap_uri) - conn.do_simple_bind(str(bind_dn), password) + conn.do_simple_bind(bind_dn, password) except (errors.ACIError, errors.DatabaseError, errors.NotFound), e: root_logger.error( 'migration invalid credentials for %s: %s' % (bind_dn, e)) raise IOError( errno.EPERM, 'Invalid LDAP credentials for user %s' % username) except Exception, e: - root_logger.error('migration bind failed: %s' % convert_exception(e)) + root_logger.error('migration bind failed: %s' % e) raise IOError(errno.EIO, 'Bind error') finally: conn.unbind() |