From c51ce61e4d295cc49a28768231a8d72d9a78f45b Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Tue, 26 Oct 2010 10:26:06 -0400 Subject: UUIDs: remove uuid python plugin and let DS always autogenerate merge in remove uuid --- install/share/bootstrap-template.ldif | 2 + install/share/default-hbac.ldif | 4 +- install/share/uuid-ipauniqueid.ldif | 3 +- install/updates/30-hbacsvc.update | 16 +- ipalib/__init__.py | 5 - ipalib/ipauuid.py | 570 ---------------------------------- ipalib/plugins/baseldap.py | 4 +- ipalib/plugins/migration.py | 6 +- ipaserver/install/dsinstance.py | 4 +- ipaserver/install/krbinstance.py | 3 +- ipaserver/install/ldapupdate.py | 3 +- ipaserver/install/service.py | 5 +- tests/test_xmlrpc/xmlrpc_test.py | 2 +- 13 files changed, 25 insertions(+), 602 deletions(-) delete mode 100644 ipalib/ipauuid.py diff --git a/install/share/bootstrap-template.ldif b/install/share/bootstrap-template.ldif index fda3ae2ac..5e8df7771 100644 --- a/install/share/bootstrap-template.ldif +++ b/install/share/bootstrap-template.ldif @@ -114,6 +114,7 @@ objectClass: posixaccount objectClass: krbprincipalaux objectClass: krbticketpolicyaux objectClass: inetuser +objectClass: ipaobject uid: admin krbPrincipalName: admin@$REALM cn: Administrator @@ -124,6 +125,7 @@ homeDirectory: /home/admin loginShell: /bin/bash gecos: Administrator nsAccountLock: False +ipaUniqueID: autogenerate dn: cn=radius,$SUFFIX changetype: add diff --git a/install/share/default-hbac.ldif b/install/share/default-hbac.ldif index 29ec88838..b7b6ba284 100644 --- a/install/share/default-hbac.ldif +++ b/install/share/default-hbac.ldif @@ -1,5 +1,5 @@ # default HBAC policy that grants permission to all services -dn: ipauniqueid=$UUID,cn=hbac,$SUFFIX +dn: ipauniqueid=autogenerate,cn=hbac,$SUFFIX changetype: add objectclass: ipaassociation objectclass: ipahbacrule @@ -11,5 +11,5 @@ sourcehostcategory: all servicecategory: all ipaenabledflag: TRUE description: Allow all users to access any host from any host -# ipauniqueid gets added for us by 389-ds +ipauniqueid: autogenerate diff --git a/install/share/uuid-ipauniqueid.ldif b/install/share/uuid-ipauniqueid.ldif index 7041889ba..c8d08cd9b 100644 --- a/install/share/uuid-ipauniqueid.ldif +++ b/install/share/uuid-ipauniqueid.ldif @@ -5,6 +5,7 @@ objectclass: top objectclass: extensibleObject cn: IPA Unique IDs ipaUuidAttr: ipaUniqueID -ipaUuidMagicRegen: 0 +ipaUuidMagicRegen: autogenerate ipaUuidFilter: (|(objectclass=ipaObject)(objectclass=ipaAssociation)) ipaUuidScope: $SUFFIX +ipaUuidEnforce: TRUE diff --git a/install/updates/30-hbacsvc.update b/install/updates/30-hbacsvc.update index 229c0f143..9bbdeacc8 100644 --- a/install/updates/30-hbacsvc.update +++ b/install/updates/30-hbacsvc.update @@ -3,49 +3,49 @@ default:objectclass: ipahbacservice default:objectclass: ipaobject default:cn: sshd default:description: sshd -default:ipauniqueid:$UUID +default:ipauniqueid:autogenerate dn: cn=ftp,cn=hbacservices,cn=accounts,$SUFFIX default:objectclass: ipahbacservice default:objectclass: ipaobject default:cn: ftp default:description: ftp -default:ipauniqueid:$UUID +default:ipauniqueid:autogenerate dn: cn=su,cn=hbacservices,cn=accounts,$SUFFIX default:objectclass: ipahbacservice default:objectclass: ipaobject default:cn: su default:description: su -default:ipauniqueid:$UUID +default:ipauniqueid:autogenerate dn: cn=login,cn=hbacservices,cn=accounts,$SUFFIX default:objectclass: ipahbacservice default:objectclass: ipaobject default:cn: login default:description: login -default:ipauniqueid:$UUID +default:ipauniqueid:autogenerate dn: cn=su-l,cn=hbacservices,cn=accounts,$SUFFIX default:objectclass: ipahbacservice default:objectclass: ipaobject default:cn: su-l default:description: su with login shell -default:ipauniqueid:$UUID +default:ipauniqueid:autogenerate dn: cn=sudo,cn=hbacservices,cn=accounts,$SUFFIX default:objectclass: ipahbacservice default:objectclass: ipaobject default:cn: sudo default:description: sudo -default:ipauniqueid:$UUID +default:ipauniqueid:autogenerate dn: cn=sudo-i,cn=hbacservices,cn=accounts,$SUFFIX default:objectclass: ipahbacservice default:objectclass: ipaobject default:cn: sudo-i default:description: sudo-i -default:ipauniqueid:$UUID +default:ipauniqueid:autogenerate dn: cn=SUDO,cn=hbacservicegroups,cn=accounts,$SUFFIX default:objectClass: ipaobject @@ -54,7 +54,7 @@ default:objectClass: nestedGroup default:objectClass: groupOfNames default:objectClass: top default:cn: SUDO -default:ipauniqueid:$UUID +default:ipauniqueid:autogenerate default:description: Default group of SUDO related services default:member: cn=sudo,cn=hbacservices,cn=accounts,$SUFFIX default:member: cn=sudo-i,cn=hbacservices,cn=accounts,$SUFFIX diff --git a/ipalib/__init__.py b/ipalib/__init__.py index 6545bf718..2589cf159 100644 --- a/ipalib/__init__.py +++ b/ipalib/__init__.py @@ -883,11 +883,6 @@ from parameters import BytesEnum, StrEnum, AccessTime, File from errors import SkipPluginModule from text import _, ngettext, GettextFactory, NGettextFactory -# We can't import the python uuid since it includes ctypes which makes -# httpd throw up when run in in mod_python due to SELinux issues -import ipauuid as uuid - - version_info = (2, 0, 0, 'alpha', 0) if version_info[3] == 'final': __version__ = '%d.%d.%d' % version_info[:3] diff --git a/ipalib/ipauuid.py b/ipalib/ipauuid.py deleted file mode 100644 index 59753d048..000000000 --- a/ipalib/ipauuid.py +++ /dev/null @@ -1,570 +0,0 @@ -# This is a backport of the Python2.5 uuid module. - -# IMPORTANT NOTE: All references to ctypes are commented out because -# ctypes does all sorts of strange things that makes -# it not work in httpd with SELinux enabled. - -r"""UUID objects (universally unique identifiers) according to RFC 4122. - -This module provides immutable UUID objects (class UUID) and the functions -uuid1(), uuid3(), uuid4(), uuid5() for generating version 1, 3, 4, and 5 -UUIDs as specified in RFC 4122. - -If all you want is a unique ID, you should probably call uuid1() or uuid4(). -Note that uuid1() may compromise privacy since it creates a UUID containing -the computer's network address. uuid4() creates a random UUID. - -Typical usage: - - **Important:** So that the freeIPA Python 2.4 ``uuid`` backport can be - automatically loaded when needed, import the ``uuid`` module like this: - - >>> from ipalib import uuid - - Make a UUID based on the host ID and current time: - - >>> uuid.uuid1() #doctest: +ELLIPSIS - UUID('...') - - Make a UUID using an MD5 hash of a namespace UUID and a name: - - >>> uuid.uuid3(uuid.NAMESPACE_DNS, 'python.org') - UUID('6fa459ea-ee8a-3ca4-894e-db77e160355e') - - Make a random UUID: - - >>> uuid.uuid4() #doctest: +ELLIPSIS - UUID('...') - - Make a UUID using a SHA-1 hash of a namespace UUID and a name: - - >>> uuid.uuid5(uuid.NAMESPACE_DNS, 'python.org') - UUID('886313e1-3b8a-5372-9b90-0c9aee199e5d') - - Make a UUID from a string of hex digits (braces and hyphens ignored): - - >>> x = uuid.UUID('{00010203-0405-0607-0809-0a0b0c0d0e0f}') - >>> x - UUID('00010203-0405-0607-0809-0a0b0c0d0e0f') - - Convert a UUID to a string of hex digits in standard form: - - >>> str(x) - '00010203-0405-0607-0809-0a0b0c0d0e0f' - - Get the raw 16 bytes of the UUID: - - >>> x.bytes - '\x00\x01\x02\x03\x04\x05\x06\x07\x08\t\n\x0b\x0c\r\x0e\x0f' - - Make a UUID from a 16-byte string: - - >>> uuid.UUID(bytes=x.bytes) - UUID('00010203-0405-0607-0809-0a0b0c0d0e0f') -""" - -__author__ = 'Ka-Ping Yee ' - -RESERVED_NCS, RFC_4122, RESERVED_MICROSOFT, RESERVED_FUTURE = [ - 'reserved for NCS compatibility', 'specified in RFC 4122', - 'reserved for Microsoft compatibility', 'reserved for future definition'] - -class UUID(object): - """Instances of the UUID class represent UUIDs as specified in RFC 4122. - UUID objects are immutable, hashable, and usable as dictionary keys. - Converting a UUID to a string with str() yields something in the form - '12345678-1234-1234-1234-123456789abc'. The UUID constructor accepts - five possible forms: a similar string of hexadecimal digits, or a tuple - of six integer fields (with 32-bit, 16-bit, 16-bit, 8-bit, 8-bit, and - 48-bit values respectively) as an argument named 'fields', or a string - of 16 bytes (with all the integer fields in big-endian order) as an - argument named 'bytes', or a string of 16 bytes (with the first three - fields in little-endian order) as an argument named 'bytes_le', or a - single 128-bit integer as an argument named 'int'. - - UUIDs have these read-only attributes: - - bytes the UUID as a 16-byte string (containing the six - integer fields in big-endian byte order) - - bytes_le the UUID as a 16-byte string (with time_low, time_mid, - and time_hi_version in little-endian byte order) - - fields a tuple of the six integer fields of the UUID, - which are also available as six individual attributes - and two derived attributes: - - time_low the first 32 bits of the UUID - time_mid the next 16 bits of the UUID - time_hi_version the next 16 bits of the UUID - clock_seq_hi_variant the next 8 bits of the UUID - clock_seq_low the next 8 bits of the UUID - node the last 48 bits of the UUID - - time the 60-bit timestamp - clock_seq the 14-bit sequence number - - hex the UUID as a 32-character hexadecimal string - - int the UUID as a 128-bit integer - - urn the UUID as a URN as specified in RFC 4122 - - variant the UUID variant (one of the constants RESERVED_NCS, - RFC_4122, RESERVED_MICROSOFT, or RESERVED_FUTURE) - - version the UUID version number (1 through 5, meaningful only - when the variant is RFC_4122) - """ - - def __init__(self, hex=None, bytes=None, bytes_le=None, fields=None, - int=None, version=None): - r"""Create a UUID from either a string of 32 hexadecimal digits, - a string of 16 bytes as the 'bytes' argument, a string of 16 bytes - in little-endian order as the 'bytes_le' argument, a tuple of six - integers (32-bit time_low, 16-bit time_mid, 16-bit time_hi_version, - 8-bit clock_seq_hi_variant, 8-bit clock_seq_low, 48-bit node) as - the 'fields' argument, or a single 128-bit integer as the 'int' - argument. When a string of hex digits is given, curly braces, - hyphens, and a URN prefix are all optional. For example, these - expressions all yield the same UUID: - - UUID('{12345678-1234-5678-1234-567812345678}') - UUID('12345678123456781234567812345678') - UUID('urn:uuid:12345678-1234-5678-1234-567812345678') - UUID(bytes='\x12\x34\x56\x78'*4) - UUID(bytes_le='\x78\x56\x34\x12\x34\x12\x78\x56' + - '\x12\x34\x56\x78\x12\x34\x56\x78') - UUID(fields=(0x12345678, 0x1234, 0x5678, 0x12, 0x34, 0x567812345678)) - UUID(int=0x12345678123456781234567812345678) - - Exactly one of 'hex', 'bytes', 'bytes_le', 'fields', or 'int' must - be given. The 'version' argument is optional; if given, the resulting - UUID will have its variant and version set according to RFC 4122, - overriding the given 'hex', 'bytes', 'bytes_le', 'fields', or 'int'. - """ - - if [hex, bytes, bytes_le, fields, int].count(None) != 4: - raise TypeError('need one of hex, bytes, bytes_le, fields, or int') - if hex is not None: - hex = hex.replace('urn:', '').replace('uuid:', '') - hex = hex.strip('{}').replace('-', '') - if len(hex) != 32: - raise ValueError('badly formed hexadecimal UUID string') - int = long(hex, 16) - if bytes_le is not None: - if len(bytes_le) != 16: - raise ValueError('bytes_le is not a 16-char string') - bytes = (bytes_le[3] + bytes_le[2] + bytes_le[1] + bytes_le[0] + - bytes_le[5] + bytes_le[4] + bytes_le[7] + bytes_le[6] + - bytes_le[8:]) - if bytes is not None: - if len(bytes) != 16: - raise ValueError('bytes is not a 16-char string') - int = long(('%02x'*16) % tuple(map(ord, bytes)), 16) - if fields is not None: - if len(fields) != 6: - raise ValueError('fields is not a 6-tuple') - (time_low, time_mid, time_hi_version, - clock_seq_hi_variant, clock_seq_low, node) = fields - if not 0 <= time_low < 1<<32L: - raise ValueError('field 1 out of range (need a 32-bit value)') - if not 0 <= time_mid < 1<<16L: - raise ValueError('field 2 out of range (need a 16-bit value)') - if not 0 <= time_hi_version < 1<<16L: - raise ValueError('field 3 out of range (need a 16-bit value)') - if not 0 <= clock_seq_hi_variant < 1<<8L: - raise ValueError('field 4 out of range (need an 8-bit value)') - if not 0 <= clock_seq_low < 1<<8L: - raise ValueError('field 5 out of range (need an 8-bit value)') - if not 0 <= node < 1<<48L: - raise ValueError('field 6 out of range (need a 48-bit value)') - clock_seq = (clock_seq_hi_variant << 8L) | clock_seq_low - int = ((time_low << 96L) | (time_mid << 80L) | - (time_hi_version << 64L) | (clock_seq << 48L) | node) - if int is not None: - if not 0 <= int < 1<<128L: - raise ValueError('int is out of range (need a 128-bit value)') - if version is not None: - if not 1 <= version <= 5: - raise ValueError('illegal version number') - # Set the variant to RFC 4122. - int &= ~(0xc000 << 48L) - int |= 0x8000 << 48L - # Set the version number. - int &= ~(0xf000 << 64L) - int |= version << 76L - self.__dict__['int'] = int - - def __cmp__(self, other): - if isinstance(other, UUID): - return cmp(self.int, other.int) - return NotImplemented - - def __hash__(self): - return hash(self.int) - - def __int__(self): - return self.int - - def __repr__(self): - return 'UUID(%r)' % str(self) - - def __setattr__(self, name, value): - raise TypeError('UUID objects are immutable') - - def __str__(self): - hex = '%032x' % self.int - return '%s-%s-%s-%s-%s' % ( - hex[:8], hex[8:12], hex[12:16], hex[16:20], hex[20:]) - - def get_bytes(self): - bytes = '' - for shift in range(0, 128, 8): - bytes = chr((self.int >> shift) & 0xff) + bytes - return bytes - - bytes = property(get_bytes) - - def get_bytes_le(self): - bytes = self.bytes - return (bytes[3] + bytes[2] + bytes[1] + bytes[0] + - bytes[5] + bytes[4] + bytes[7] + bytes[6] + bytes[8:]) - - bytes_le = property(get_bytes_le) - - def get_fields(self): - return (self.time_low, self.time_mid, self.time_hi_version, - self.clock_seq_hi_variant, self.clock_seq_low, self.node) - - fields = property(get_fields) - - def get_time_low(self): - return self.int >> 96L - - time_low = property(get_time_low) - - def get_time_mid(self): - return (self.int >> 80L) & 0xffff - - time_mid = property(get_time_mid) - - def get_time_hi_version(self): - return (self.int >> 64L) & 0xffff - - time_hi_version = property(get_time_hi_version) - - def get_clock_seq_hi_variant(self): - return (self.int >> 56L) & 0xff - - clock_seq_hi_variant = property(get_clock_seq_hi_variant) - - def get_clock_seq_low(self): - return (self.int >> 48L) & 0xff - - clock_seq_low = property(get_clock_seq_low) - - def get_time(self): - return (((self.time_hi_version & 0x0fffL) << 48L) | - (self.time_mid << 32L) | self.time_low) - - time = property(get_time) - - def get_clock_seq(self): - return (((self.clock_seq_hi_variant & 0x3fL) << 8L) | - self.clock_seq_low) - - clock_seq = property(get_clock_seq) - - def get_node(self): - return self.int & 0xffffffffffff - - node = property(get_node) - - def get_hex(self): - return '%032x' % self.int - - hex = property(get_hex) - - def get_urn(self): - return 'urn:uuid:' + str(self) - - urn = property(get_urn) - - def get_variant(self): - if not self.int & (0x8000 << 48L): - return RESERVED_NCS - elif not self.int & (0x4000 << 48L): - return RFC_4122 - elif not self.int & (0x2000 << 48L): - return RESERVED_MICROSOFT - else: - return RESERVED_FUTURE - - variant = property(get_variant) - - def get_version(self): - # The version bits are only meaningful for RFC 4122 UUIDs. - if self.variant == RFC_4122: - return int((self.int >> 76L) & 0xf) - - version = property(get_version) - -def _find_mac(command, args, hw_identifiers, get_index): - import os - for dir in ['', '/sbin/', '/usr/sbin']: - executable = os.path.join(dir, command) - if not os.path.exists(executable): - continue - - try: - # LC_ALL to get English output, 2>/dev/null to - # prevent output on stderr - cmd = 'LC_ALL=C %s %s 2>/dev/null' % (executable, args) - pipe = os.popen(cmd) - except IOError: - continue - - for line in pipe: - words = line.lower().split() - for i in range(len(words)): - if words[i] in hw_identifiers: - return int(words[get_index(i)].replace(':', ''), 16) - return None - -def _ifconfig_getnode(): - """Get the hardware address on Unix by running ifconfig.""" - - # This works on Linux ('' or '-a'), Tru64 ('-av'), but not all Unixes. - for args in ('', '-a', '-av'): - mac = _find_mac('ifconfig', args, ['hwaddr', 'ether'], lambda i: i+1) - if mac: - return mac - - import socket - ip_addr = socket.gethostbyname(socket.gethostname()) - - # Try getting the MAC addr from arp based on our IP address (Solaris). - mac = _find_mac('arp', '-an', [ip_addr], lambda i: -1) - if mac: - return mac - - # This might work on HP-UX. - mac = _find_mac('lanscan', '-ai', ['lan0'], lambda i: 0) - if mac: - return mac - - return None - -def _ipconfig_getnode(): - """Get the hardware address on Windows by running ipconfig.exe.""" - import os, re - dirs = ['', r'c:\windows\system32', r'c:\winnt\system32'] - """ - try: - import ctypes - buffer = ctypes.create_string_buffer(300) - ctypes.windll.kernel32.GetSystemDirectoryA(buffer, 300) - dirs.insert(0, buffer.value.decode('mbcs')) - except: - pass - """ - for dir in dirs: - try: - pipe = os.popen(os.path.join(dir, 'ipconfig') + ' /all') - except IOError: - continue - for line in pipe: - value = line.split(':')[-1].strip().lower() - if re.match('([0-9a-f][0-9a-f]-){5}[0-9a-f][0-9a-f]', value): - return int(value.replace('-', ''), 16) - -def _netbios_getnode(): - """Get the hardware address on Windows using NetBIOS calls. - See http://support.microsoft.com/kb/118623 for details.""" - import win32wnet, netbios - ncb = netbios.NCB() - ncb.Command = netbios.NCBENUM - ncb.Buffer = adapters = netbios.LANA_ENUM() - adapters._pack() - if win32wnet.Netbios(ncb) != 0: - return - adapters._unpack() - for i in range(adapters.length): - ncb.Reset() - ncb.Command = netbios.NCBRESET - ncb.Lana_num = ord(adapters.lana[i]) - if win32wnet.Netbios(ncb) != 0: - continue - ncb.Reset() - ncb.Command = netbios.NCBASTAT - ncb.Lana_num = ord(adapters.lana[i]) - ncb.Callname = '*'.ljust(16) - ncb.Buffer = status = netbios.ADAPTER_STATUS() - if win32wnet.Netbios(ncb) != 0: - continue - status._unpack() - bytes = map(ord, status.adapter_address) - return ((bytes[0]<<40L) + (bytes[1]<<32L) + (bytes[2]<<24L) + - (bytes[3]<<16L) + (bytes[4]<<8L) + bytes[5]) - -# Thanks to Thomas Heller for ctypes and for his help with its use here. - -# If ctypes is available, use it to find system routines for UUID generation. -_uuid_generate_random = _uuid_generate_time = _UuidCreate = None -""" -try: - import ctypes, ctypes.util - _buffer = ctypes.create_string_buffer(16) - - # The uuid_generate_* routines are provided by libuuid on at least - # Linux and FreeBSD, and provided by libc on Mac OS X. - for libname in ['uuid', 'c']: - try: - lib = ctypes.CDLL(ctypes.util.find_library(libname)) - except: - continue - if hasattr(lib, 'uuid_generate_random'): - _uuid_generate_random = lib.uuid_generate_random - if hasattr(lib, 'uuid_generate_time'): - _uuid_generate_time = lib.uuid_generate_time - - # On Windows prior to 2000, UuidCreate gives a UUID containing the - # hardware address. On Windows 2000 and later, UuidCreate makes a - # random UUID and UuidCreateSequential gives a UUID containing the - # hardware address. These routines are provided by the RPC runtime. - # NOTE: at least on Tim's WinXP Pro SP2 desktop box, while the last - # 6 bytes returned by UuidCreateSequential are fixed, they don't appear - # to bear any relationship to the MAC address of any network device - # on the box. - try: - lib = ctypes.windll.rpcrt4 - except: - lib = None - _UuidCreate = getattr(lib, 'UuidCreateSequential', - getattr(lib, 'UuidCreate', None)) -except: - pass -""" - -def _unixdll_getnode(): - """Get the hardware address on Unix using ctypes.""" - _uuid_generate_time(_buffer) - return UUID(bytes=_buffer.raw).node - -def _windll_getnode(): - """Get the hardware address on Windows using ctypes.""" - if _UuidCreate(_buffer) == 0: - return UUID(bytes=_buffer.raw).node - -def _random_getnode(): - """Get a random node ID, with eighth bit set as suggested by RFC 4122.""" - import random - return random.randrange(0, 1<<48L) | 0x010000000000L - -_node = None - -def getnode(): - """Get the hardware address as a 48-bit positive integer. - - The first time this runs, it may launch a separate program, which could - be quite slow. If all attempts to obtain the hardware address fail, we - choose a random 48-bit number with its eighth bit set to 1 as recommended - in RFC 4122. - """ - - global _node - if _node is not None: - return _node - - import sys - if sys.platform == 'win32': - getters = [_windll_getnode, _netbios_getnode, _ipconfig_getnode] - else: - getters = [_unixdll_getnode, _ifconfig_getnode] - - for getter in getters + [_random_getnode]: - try: - _node = getter() - except: - continue - if _node is not None: - return _node - -_last_timestamp = None - -def uuid1(node=None, clock_seq=None): - """Generate a UUID from a host ID, sequence number, and the current time. - If 'node' is not given, getnode() is used to obtain the hardware - address. If 'clock_seq' is given, it is used as the sequence number; - otherwise a random 14-bit sequence number is chosen.""" - - # When the system provides a version-1 UUID generator, use it (but don't - # use UuidCreate here because its UUIDs don't conform to RFC 4122). - if _uuid_generate_time and node is clock_seq is None: - _uuid_generate_time(_buffer) - return UUID(bytes=_buffer.raw) - - global _last_timestamp - import time - nanoseconds = int(time.time() * 1e9) - # 0x01b21dd213814000 is the number of 100-ns intervals between the - # UUID epoch 1582-10-15 00:00:00 and the Unix epoch 1970-01-01 00:00:00. - timestamp = int(nanoseconds/100) + 0x01b21dd213814000L - if timestamp <= _last_timestamp: - timestamp = _last_timestamp + 1 - _last_timestamp = timestamp - if clock_seq is None: - import random - clock_seq = random.randrange(1<<14L) # instead of stable storage - time_low = timestamp & 0xffffffffL - time_mid = (timestamp >> 32L) & 0xffffL - time_hi_version = (timestamp >> 48L) & 0x0fffL - clock_seq_low = clock_seq & 0xffL - clock_seq_hi_variant = (clock_seq >> 8L) & 0x3fL - if node is None: - node = getnode() - return UUID(fields=(time_low, time_mid, time_hi_version, - clock_seq_hi_variant, clock_seq_low, node), version=1) - -def uuid3(namespace, name): - """Generate a UUID from the MD5 hash of a namespace UUID and a name.""" - try: - from hashlib import md5 - except ImportError: - from md5 import md5 - hash = md5(namespace.bytes + name).digest() - return UUID(bytes=hash[:16], version=3) - -def uuid4(): - """Generate a random UUID.""" - - # When the system provides a version-4 UUID generator, use it. - if _uuid_generate_random: - _uuid_generate_random(_buffer) - return UUID(bytes=_buffer.raw) - - # Otherwise, get randomness from urandom or the 'random' module. - try: - import os - return UUID(bytes=os.urandom(16), version=4) - except: - import random - bytes = [chr(random.randrange(256)) for i in range(16)] - return UUID(bytes=bytes, version=4) - -def uuid5(namespace, name): - """Generate a UUID from the SHA-1 hash of a namespace UUID and a name.""" - try: - from hashlib import sha1 as sha - except ImportError: - from sha import sha - hash = sha(namespace.bytes + name).digest() - return UUID(bytes=hash[:16], version=5) - -# The following standard UUIDs are for use with uuid3() or uuid5(). - -NAMESPACE_DNS = UUID('6ba7b810-9dad-11d1-80b4-00c04fd430c8') -NAMESPACE_URL = UUID('6ba7b811-9dad-11d1-80b4-00c04fd430c8') -NAMESPACE_OID = UUID('6ba7b812-9dad-11d1-80b4-00c04fd430c8') -NAMESPACE_X500 = UUID('6ba7b814-9dad-11d1-80b4-00c04fd430c8') diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py index caa616a79..2445ef7fa 100644 --- a/ipalib/plugins/baseldap.py +++ b/ipalib/plugins/baseldap.py @@ -23,7 +23,7 @@ Base classes for LDAP plugins. import re import json -from ipalib import crud, errors, uuid +from ipalib import crud, errors from ipalib import Method, Object from ipalib import Flag, Int, List, Str from ipalib.base import NameSpace @@ -266,7 +266,7 @@ class LDAPCreate(CallbackInterface, crud.Create): ) if self.obj.uuid_attribute: - entry_attrs[self.obj.uuid_attribute] = str(uuid.uuid1()) + entry_attrs[self.obj.uuid_attribute] = 'autogenerate' if options.get('all', False): attrs_list = ['*'] diff --git a/ipalib/plugins/migration.py b/ipalib/plugins/migration.py index 39f09eeda..6dc993423 100644 --- a/ipalib/plugins/migration.py +++ b/ipalib/plugins/migration.py @@ -27,7 +27,7 @@ Example: Migrate users and groups from DS to IPA import logging import re -from ipalib import api, errors, output, uuid +from ipalib import api, errors, output from ipalib import Command, List, Password, Str, Flag from ipalib.cli import to_cli if api.env.in_server and api.env.context in ['lite', 'server']: @@ -58,7 +58,7 @@ def _pre_migrate_user(ldap, pkey, dn, entry_attrs, failed, config, ctx): ctx['def_group_gid'] = g_attrs['gidnumber'][0] # fill in required attributes by IPA - entry_attrs['ipauniqueid'] = str(uuid.uuid1()) + entry_attrs['ipauniqueid'] = 'autogenerate' if 'homedirectory' not in entry_attrs: homes_root = config.get('ipahomesrootdir', ('/home', ))[0] home_dir = '%s/%s' % (homes_root, pkey) @@ -112,7 +112,7 @@ def _pre_migrate_group(ldap, pkey, dn, entry_attrs, failed, config, ctx): entry_attrs['member'] = [] entry_attrs['member'] += new_members - entry_attrs['ipauniqueid'] = str(uuid.uuid1()) + entry_attrs['ipauniqueid'] = 'autogenerate' convert_members('member', overwrite=True) convert_members('uniquemember') diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 26cf3d3ba..20f655acb 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -39,7 +39,7 @@ from ldap.dn import escape_dn_chars from ipaserver import ipaldap from ipaserver.install import ldapupdate from ipaserver.install import httpinstance -from ipalib import util, uuid, errors +from ipalib import util, errors from ipaserver.plugins.ldap2 import ldap2 SERVER_ROOT_64 = "/usr/lib64/dirsrv" @@ -475,9 +475,7 @@ class DsInstance(service.Service): self._ldap_mod("ldapi.ldif", self.sub_dict) def add_hbac(self): - self.sub_dict['UUID'] = str(uuid.uuid1()) self._ldap_mod("default-hbac.ldif", self.sub_dict) - del self.sub_dict['UUID'] def change_admin_password(self, password): logging.debug("Changing admin password") diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py index 736ba7362..e78155dc4 100644 --- a/ipaserver/install/krbinstance.py +++ b/ipaserver/install/krbinstance.py @@ -32,7 +32,6 @@ from ipapython import sysrestore from ipapython import ipautil from ipalib import util from ipalib import errors -from ipalib import uuid from ipaserver import ipaldap @@ -121,7 +120,7 @@ class KrbInstance(service.Service): host_entry.setValue('serverhostname', self.fqdn.split('.',1)[0]) host_entry.setValue('cn', self.fqdn) host_entry.setValue('fqdn', self.fqdn) - host_entry.setValue('ipauniqueid', str(uuid.uuid1())) + host_entry.setValue('ipauniqueid', 'autogenerate') host_entry.setValue('managedby', host_dn) conn.addEntry(host_entry) conn.unbind() diff --git a/ipaserver/install/ldapupdate.py b/ipaserver/install/ldapupdate.py index 91ff80f55..3ab5a0e4d 100644 --- a/ipaserver/install/ldapupdate.py +++ b/ipaserver/install/ldapupdate.py @@ -28,7 +28,7 @@ import sys from ipaserver.install import installutils from ipaserver import ipaldap from ipapython import entity, ipautil -from ipalib import util, uuid +from ipalib import util from ipalib import errors import ldap from ldap.dn import escape_dn_chars @@ -143,7 +143,6 @@ class LDAPUpdate: def _template_str(self, s): try: - self.sub_dict["UUID"] = str(uuid.uuid1()) return ipautil.template_str(s, self.sub_dict) except KeyError, e: raise BadSyntax("Unknown template keyword %s" % e) diff --git a/ipaserver/install/service.py b/ipaserver/install/service.py index 4affef457..43437306e 100644 --- a/ipaserver/install/service.py +++ b/ipaserver/install/service.py @@ -22,7 +22,7 @@ import os import tempfile from ipapython import sysrestore from ipapython import ipautil -from ipalib import uuid, errors +from ipalib import errors import ldap from ipaserver import ipaldap import base64 @@ -104,7 +104,6 @@ class Service: path = ipautil.SHARE_DIR + ldif if sub_dict is not None: - sub_dict['UUID'] = str(uuid.uuid1()) txt = ipautil.template_file(path, sub_dict) fd = ipautil.write_tmp_file(txt) path = fd.name @@ -153,7 +152,7 @@ class Service: classes = entry.getValues("objectclass") classes = classes + ["ipaobject", "ipaservice", "pkiuser"] entry.setValues("objectclass", list(set(classes))) - entry.setValue("ipauniqueid", str(uuid.uuid1())) + entry.setValue("ipauniqueid", 'autogenerate') entry.setValue("managedby", hostdn) conn.addEntry(entry) conn.unbind() diff --git a/tests/test_xmlrpc/xmlrpc_test.py b/tests/test_xmlrpc/xmlrpc_test.py index 1e41bc4e6..25a3ac31c 100644 --- a/tests/test_xmlrpc/xmlrpc_test.py +++ b/tests/test_xmlrpc/xmlrpc_test.py @@ -36,7 +36,7 @@ fuzzy_digits = Fuzzy('^\d+$', type=basestring) # Matches an ipauniqueid like u'784d85fd-eae7-11de-9d01-54520012478b' fuzzy_uuid = Fuzzy( - '^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$' + '^[0-9a-f]{8}-[0-9a-f]{8}-[0-9a-f]{8}-[0-9a-f]{8}$' ) -- cgit