summaryrefslogtreecommitdiffstats
path: root/install/migration/migration.py
diff options
context:
space:
mode:
authorPavel Zuna <pzuna@redhat.com>2011-02-15 14:11:27 -0500
committerRob Crittenden <rcritten@redhat.com>2011-03-03 14:04:34 -0500
commit64575a411b27dde7919406fdaf5bdec07c6645f3 (patch)
treeab0870adf6181f4457959f44fb936ec705f741d2 /install/migration/migration.py
parenteb6b3c7afc4065f12960f09791f2a5b645abef8b (diff)
downloadfreeipa-64575a411b27dde7919406fdaf5bdec07c6645f3.zip
freeipa-64575a411b27dde7919406fdaf5bdec07c6645f3.tar.gz
freeipa-64575a411b27dde7919406fdaf5bdec07c6645f3.tar.xz
Use ldapi: instead of unsecured ldap: in ipa core tools.
The patch also corrects exception handling in some of the tools. Fix #874
Diffstat (limited to 'install/migration/migration.py')
-rw-r--r--install/migration/migration.py9
1 files changed, 7 insertions, 2 deletions
diff --git a/install/migration/migration.py b/install/migration/migration.py
index 6b447f3..ed6ade9 100644
--- a/install/migration/migration.py
+++ b/install/migration/migration.py
@@ -20,13 +20,14 @@
Password migration script
"""
+import cgi
import errno
+import glob
import ldap
-import cgi
import wsgiref
BASE_DN = ''
-LDAP_URI = 'ldap://localhost:389'
+LDAP_URI = 'ldaps://localhost:636'
def wsgi_redirect(start_response, loc):
start_response('302 Found', [('Location', loc)])
@@ -83,6 +84,10 @@ def application(environ, start_response):
if not form_data.has_key('username') or not form_data.has_key('password'):
return wsgi_redirect(start_response, 'invalid.html')
+ slapd_sockets = glob.glob('/var/run/slapd-*.socket')
+ if slapd_sockets:
+ LDAP_URI = 'ldapi://%s' % slapd_sockets[0].replace('/', '%2f')
+
try:
bind(form_data['username'].value, form_data['password'].value)
except IOError as err: