From 664248d5b846321f61e0776b646cca82c5a17884 Mon Sep 17 00:00:00 2001
From: Petr Viktorin <pviktori@redhat.com>
Date: Thu, 31 Jan 2013 08:26:38 -0500
Subject: Use IPAdmin rather than raw python-ldap in migration.py and
 ipadiscovery.py

These used ipautil.get_ipa_basedn. Convert that to use the new wrappers.

Beef up the error handling in ipaldap to accomodate the errors we catch
in the server discovery.
Add a DatabaseTimeout exception to errors.py.

These were the last uses of ipautil.convert_ldap_error, remove that.

https://fedorahosted.org/freeipa/ticket/3487
https://fedorahosted.org/freeipa/ticket/3446
---
 install/migration/migration.py | 26 ++++++--------------------
 1 file changed, 6 insertions(+), 20 deletions(-)

(limited to 'install/migration')

diff --git a/install/migration/migration.py b/install/migration/migration.py
index 81b15b021..27e23a59f 100644
--- a/install/migration/migration.py
+++ b/install/migration/migration.py
@@ -23,7 +23,6 @@ Password migration script
 import cgi
 import errno
 import glob
-import ldap
 import wsgiref
 
 from ipapython.ipa_log_manager import root_logger
@@ -33,19 +32,6 @@ from ipapython.ipaldap import IPAdmin
 from ipalib import errors
 
 
-def convert_exception(error):
-    """
-    Convert an LDAP exception into something more readable.
-    """
-    if not isinstance(error, ldap.TIMEOUT):
-        desc = error.args[0]['desc'].strip()
-        info = error.args[0].get('info', '').strip()
-    else:
-        desc = ''
-        info = ''
-
-    return '%s (%s)' % (desc, info)
-
 def wsgi_redirect(start_response, loc):
     start_response('302 Found', [('Location', loc)])
     return []
@@ -63,14 +49,14 @@ def get_base_dn(ldap_uri):
     Retrieve LDAP server base DN.
     """
     try:
-        conn = ldap.initialize(ldap_uri)
-        conn.simple_bind_s('', '')
+        conn = IPAdmin(ldap_uri=ldap_uri)
+        conn.do_simple_bind(DN(), '')
         base_dn = get_ipa_basedn(conn)
-    except ldap.LDAPError, e:
+    except Exception, e:
         root_logger.error('migration context search failed: %s' % e)
         return ''
     finally:
-        conn.unbind_s()
+        conn.unbind()
 
     return base_dn
 
@@ -82,14 +68,14 @@ def bind(ldap_uri, base_dn, username, password):
     bind_dn = DN(('uid', username), ('cn', 'users'), ('cn', 'accounts'), base_dn)
     try:
         conn = IPAdmin(ldap_uri=ldap_uri)
-        conn.do_simple_bind(str(bind_dn), password)
+        conn.do_simple_bind(bind_dn, password)
     except (errors.ACIError, errors.DatabaseError, errors.NotFound), e:
         root_logger.error(
             'migration invalid credentials for %s: %s' % (bind_dn, e))
         raise IOError(
             errno.EPERM, 'Invalid LDAP credentials for user %s' % username)
     except Exception, e:
-        root_logger.error('migration bind failed: %s' % convert_exception(e))
+        root_logger.error('migration bind failed: %s' % e)
         raise IOError(errno.EIO, 'Bind error')
     finally:
         conn.unbind()
-- 
cgit