summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2014-01-14 14:23:47 -0500
committerMartin Kosek <mkosek@redhat.com>2014-01-15 10:02:49 +0100
commit0070c0fedab5386b313908762c6b6ab2c1577489 (patch)
treead1e512005276e5a0ef4d4a16985146763ad8d48
parent689382dc833e687d30349b10a8fd7dc740d54d08 (diff)
downloadfreeipa-0070c0fedab5386b313908762c6b6ab2c1577489.zip
freeipa-0070c0fedab5386b313908762c6b6ab2c1577489.tar.gz
freeipa-0070c0fedab5386b313908762c6b6ab2c1577489.tar.xz
Change the way we determine if the host has a password set.
When creating a host with a password we don't set a Kerberos principal or add the Kerberos objectclasses. Those get added when the host is enrolled. If one passed in --password= (so no password) then we incorrectly thought the user was in fact setting a password, so the principal and objectclasses weren't updated. https://fedorahosted.org/freeipa/ticket/4102
-rw-r--r--ipalib/plugins/host.py2
-rw-r--r--ipatests/test_xmlrpc/test_host_plugin.py27
2 files changed, 28 insertions, 1 deletions
diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py
index ef7ec52..27b692a 100644
--- a/ipalib/plugins/host.py
+++ b/ipalib/plugins/host.py
@@ -424,7 +424,7 @@ class host_add(LDAPCreate):
entry_attrs['l'] = entry_attrs['locality']
entry_attrs['cn'] = keys[-1]
entry_attrs['serverhostname'] = keys[-1].split('.', 1)[0]
- if 'userpassword' not in entry_attrs and not options.get('random', False):
+ if not entry_attrs.get('userpassword', False) and not options.get('random', False):
entry_attrs['krbprincipalname'] = 'host/%s@%s' % (
keys[-1], self.api.env.realm
)
diff --git a/ipatests/test_xmlrpc/test_host_plugin.py b/ipatests/test_xmlrpc/test_host_plugin.py
index a23a341..7b64398 100644
--- a/ipatests/test_xmlrpc/test_host_plugin.py
+++ b/ipatests/test_xmlrpc/test_host_plugin.py
@@ -863,6 +863,33 @@ class test_host(Declarative):
),
),
+
+ dict(
+ desc='Create a host with a NULL password',
+ command=('host_add', [fqdn3],
+ dict(
+ description=u'Test host 3',
+ force=True,
+ userpassword=None,
+ ),
+ ),
+ expected=dict(
+ value=fqdn3,
+ summary=u'Added host "%s"' % fqdn3,
+ result=dict(
+ dn=dn3,
+ fqdn=[fqdn3],
+ description=[u'Test host 3'],
+ krbprincipalname=[u'host/%s@%s' % (fqdn3, api.env.realm)],
+ objectclass=objectclasses.host,
+ ipauniqueid=[fuzzy_uuid],
+ managedby_host=[u'%s' % fqdn3],
+ has_keytab=False,
+ has_password=False,
+ ),
+ ),
+ ),
+
]
class test_host_false_pwd_change(XMLRPC_test):