diff options
author | Simo Sorce <ssorce@redhat.com> | 2011-02-25 18:37:45 -0500 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2011-03-01 11:02:55 -0500 |
commit | 2028695d88cad856d3051abc76fa9254dd3598e2 (patch) | |
tree | 8afc023649613a644ce5f8e973defae7393d9ebc /ipaserver/install/replication.py | |
parent | 09dd05b49ac8b5bcb0adcc193e9b943be6471f70 (diff) | |
download | freeipa-2028695d88cad856d3051abc76fa9254dd3598e2.tar.gz freeipa-2028695d88cad856d3051abc76fa9254dd3598e2.tar.xz freeipa-2028695d88cad856d3051abc76fa9254dd3598e2.zip |
Use wrapper for sasl gssapi binds so it behaves like other binds
By calling directly sasl_interactive_bind_s() we were not calling __lateinit()
This in turn resulted in some variables like dbdir not to be set on the
IPAadmin object.
Keep all bind types in the same place so the same common sbind steps can be
performed in each case.
Related to: https://fedorahosted.org/freeipa/ticket/1022
Diffstat (limited to 'ipaserver/install/replication.py')
-rw-r--r-- | ipaserver/install/replication.py | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/ipaserver/install/replication.py b/ipaserver/install/replication.py index 1f1598a45..402577f1d 100644 --- a/ipaserver/install/replication.py +++ b/ipaserver/install/replication.py @@ -39,8 +39,6 @@ TIMEOUT = 120 IPA_REPLICA = 1 WINSYNC = 2 -SASL_AUTH = ldap.sasl.sasl({}, 'GSSAPI') - def check_replication_plugin(): """ Confirm that the 389-ds replication is installed. @@ -64,7 +62,7 @@ def enable_replication_version_checking(hostname, realm, dirman_passwd): if dirman_passwd: conn.do_simple_bind(bindpw=dirman_passwd) else: - conn.sasl_interactive_bind_s('', SASL_AUTH) + conn.do_sasl_gssapi_bind() entry = conn.search_s('cn=IPA Version Replication,cn=plugins,cn=config', ldap.SCOPE_BASE, 'objectclass=*') if entry[0].getValue('nsslapd-pluginenabled') == 'off': conn.modify_s(entry[0].dn, [(ldap.MOD_REPLACE, 'nsslapd-pluginenabled', 'on')]) @@ -90,7 +88,7 @@ class ReplicationManager: if dirman_passwd: self.conn.do_simple_bind(bindpw=dirman_passwd) else: - self.conn.sasl_interactive_bind_s('', SASL_AUTH) + self.conn.do_sasl_gssapi_bind() self.repl_man_passwd = dirman_passwd @@ -605,7 +603,7 @@ class ReplicationManager: if r_bindpw: r_conn.do_simple_bind(binddn=r_binddn, bindpw=r_bindpw) else: - r_conn.sasl_interactive_bind_s('', SASL_AUTH) + r_conn.do_sasl_gssapi_bind() #Setup the first half l_id = self._get_replica_id(self.conn, r_conn) @@ -684,7 +682,7 @@ class ReplicationManager: if r_bindpw: r_conn.do_simple_bind(binddn=r_binddn, bindpw=r_bindpw) else: - r_conn.sasl_interactive_bind_s('', SASL_AUTH) + r_conn.do_sasl_gssapi_bind() # First off make sure servers are in sync so that both KDCs # have all princiapls and their passwords and can release @@ -714,7 +712,7 @@ class ReplicationManager: if r_bindpw: r_conn.do_simple_bind(binddn=r_binddn, bindpw=r_bindpw) else: - r_conn.sasl_interactive_bind_s('', SASL_AUTH) + r_conn.do_sasl_gssapi_bind() # Allow krb principals to act as replicas self.setup_krb_princs_as_replica_binddns(self.conn, r_conn) |