From e9dfbfa773149c57544e5c8e4d87a00fc9960bf1 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Thu, 8 Nov 2007 22:12:42 -0500 Subject: Enable multi-value field support for some attributes on the edit pages Better error reporting in the GUI Include a document describing how multi-valued fields work --- ipa-python/ipaerror.py | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'ipa-python') diff --git a/ipa-python/ipaerror.py b/ipa-python/ipaerror.py index 0106132c..b10a9a8f 100644 --- a/ipa-python/ipaerror.py +++ b/ipa-python/ipaerror.py @@ -28,6 +28,11 @@ class IPAError(exceptions.Exception): error.""" self.code = code self.message = message + # Fill this in as an empty LDAP error message so we don't have a lot + # of "if e.detail ..." everywhere + if detail is None: + detail = [] + detail.append({'desc':'','info':''}) self.detail = detail def __str__(self): -- cgit From 705d68ddcb3dfb98e7ce9a0ef4c9397977ab3f53 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Fri, 9 Nov 2007 13:58:36 -0500 Subject: Require uniqueness in the name/comment field of delegations Fix error reporting in the UI to include the detailed message Sort delegations by name when displaying them Update the name field from "Name" to "Delegation Name" --- ipa-python/aci.py | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'ipa-python') diff --git a/ipa-python/aci.py b/ipa-python/aci.py index 60e19075..d35da8da 100644 --- a/ipa-python/aci.py +++ b/ipa-python/aci.py @@ -37,6 +37,16 @@ class ACI: if acistr is not None: self.parse_acistr(acistr) + def __getitem__(self,key): + """Fake getting attributes by key for sorting""" + if key == 0: + return self.name + if key == 1: + return self.source_group + if key == 2: + return self.dest_group + raise TypeError("Unknown key value %s" % key) + def export_to_string(self): """Converts the ACI to a string suitable for an LDAP aci attribute.""" attrs_str = ' || '.join(self.attrs) -- cgit 
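Review bot: The placeholder built in the added lines changes what `self.detail` means for callers, and the docstring that ends just above them does not say so. An error raised without detail now carries `[{'desc':'','info':''}]`, so `if e.detail` is always true and a caller can no longer tell "no LDAP detail" from an empty one. Indentation is lost on this page; if `detail.append(...)` sits outside the `if`, it would also mutate a list the caller passed in. I would add to the docstring that detail is always a list of dicts with `desc` and `info` keys. The constructor starts outside the hunk.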
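Review bot: `__getitem__` raises `TypeError` for every key other than 0, 1 or 2, which breaks the sequence protocol for integer indexes. Iterating an ACI or calling `list(aci)` falls back to `__getitem__` with 0, 1, 2, 3 and expects `IndexError` to end the loop, so it would surface a TypeError instead of stopping. For an out-of-range integer I would use `raise IndexError("Unknown key value %s" % key)` and keep TypeError for non-integer keys. The docstring could also state that indexes 0 to 2 map to name, source_group and dest_group, since the sort order depends on that mapping.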
From 99b84bfd01e0b3f4e9e69ea7c2912545bef0d71a Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Fri, 9 Nov 2007 16:34:52 -0500 Subject: Handle ldap.UNWILLING_TO_PERFORM more gracefully --- ipa-python/ipaerror.py | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'ipa-python') diff --git a/ipa-python/ipaerror.py b/ipa-python/ipaerror.py index b10a9a8f..f583322e 100644 --- a/ipa-python/ipaerror.py +++ b/ipa-python/ipaerror.py @@ -152,3 +152,8 @@ CONNECTION_GSSAPI_CREDENTIALS = gen_error_code( CONNECTION_CATEGORY, 0x0003, "GSSAPI Authorization error") + +CONNECTION_UNWILLING = gen_error_code( + CONNECTION_CATEGORY, + 0x0004, + "Account inactivated. Server is unwilling to perform.") -- cgit From 1967aafa3985fa87e02ae372164abe2524d9bd65 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Fri, 16 Nov 2007 12:59:32 -0500 Subject: Implement the password policy UI and finish IPA policy UI This includes a default password policy Custom fields are now read from LDAP. The format is a list of dicts with keys: label, field, required. The LDAP-based configuration now specifies: ipaUserSearchFields: uid,givenName,sn,telephoneNumber,ou,title ipaGroupSearchFields: cn,description ipaSearchTimeLimit: 2 ipaSearchRecordsLimit: 0 ipaCustomFields: ipaHomesRootDir: /home ipaDefaultLoginShell: /bin/sh ipaDefaultPrimaryGroup: ipausers ipaMaxUsernameLength: 8 ipaPwdExpAdvNotify: 4 This could use some optimization. --- ipa-python/ipaclient.py | 38 ++++++++++++++++++++++--- ipa-python/ipaerror.py | 5 ++++ ipa-python/rpcclient.py | 73 +++++++++++++++++++++++++++++++++++++++++++------ 3 files changed, 104 insertions(+), 12 deletions(-) (limited to 'ipa-python') diff --git a/ipa-python/ipaclient.py b/ipa-python/ipaclient.py index 659ff995..f8c70974 100644 --- a/ipa-python/ipaclient.py +++ b/ipa-python/ipaclient.py 
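Review bot: The message text of `CONNECTION_UNWILLING` asserts a cause that the error code alone does not establish. An LDAP server can answer "unwilling to perform" for reasons other than a locked account, so "Account inactivated." may mislead whoever reads the error. If this string reaches a client before it has authenticated (not visible in this hunk), it also confirms that the account exists and is disabled. A neutral text such as `"Server is unwilling to perform the request."`, with the account-state hint kept in the server log, would avoid both problems.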
@@ -134,10 +134,14 @@ class IPAClient: return all_users - def get_add_schema(self): - """Prototype for the GUI. Specify in the directory fields to - be displayed and what data to get for new users.""" - result = self.transport.get_add_schema() + def get_custom_fields(self): + """Get custom user fields""" + result = self.transport.get_custom_fields() + return result + + def set_custom_fields(self, schema): + """Set custom user fields""" + result = self.transport.set_custom_fields(schema) return result def find_users(self, criteria, sattrs=None, searchlimit=0, timelimit=-1): @@ -331,3 +335,29 @@ class IPAClient: entries.append(user.User(e)) return entries + + def get_ipa_config(self): + """Get the IPA configuration""" + result = self.transport.get_ipa_config() + return entity.Entity(result) + + def update_ipa_config(self, config): + """Updates the IPA configuration. + + config is an Entity object. + """ + result = self.transport.update_ipa_config(config.origDataDict(), config.toDict()) + return result + + def get_password_policy(self): + """Get the IPA password policy""" + result = self.transport.get_password_policy() + return entity.Entity(result) + + def update_password_policy(self, policy): + """Updates the IPA password policy. + + policy is an Entity object. + """ + result = self.transport.update_password_policy(policy.origDataDict(), policy.toDict()) + return result diff --git a/ipa-python/ipaerror.py b/ipa-python/ipaerror.py index f583322e..5391b3fd 100644 --- a/ipa-python/ipaerror.py +++ b/ipa-python/ipaerror.py @@ -123,6 +123,11 @@ LDAP_EMPTY_MODLIST = gen_error_code( 0x0006, "No modifications to be performed") +LDAP_NO_CONFIG = gen_error_code( + LDAP_CATEGORY, + 0x0007, + "IPA configuration not found") + # # Input errors (sample - replace me) # diff --git a/ipa-python/rpcclient.py b/ipa-python/rpcclient.py index 871c3725..c4ca2ff3 100644 --- a/ipa-python/rpcclient.py +++ b/ipa-python/rpcclient.py 
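Review bot: The docstring of `set_custom_fields` does not say what `schema` must look like, and the only description of the format is in the commit message. I would carry it into the code, for example `"""Set custom user fields. schema is a list of dicts with the keys label, field and required."""`, and give `get_custom_fields` the matching return description. The hunk also removes `get_add_schema` outright; callers are outside this diff, so confirm none are left.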
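Review bot: `update_ipa_config` and `update_password_policy` send the client's cached `origDataDict()` snapshot next to the new values, and nothing in the new code says how a stale snapshot is handled. If the server derives its modification list from those caller-supplied old values (the server side is not in this diff), two administrators editing the password policy at the same time could overwrite each other without an error, and the server would be trusting client state for a security-relevant setting. I would document the contract in both docstrings, for example `The original values are sent so the server can compute the change set; the server re-reads the entry and rejects stale updates.`, and confirm the server behaves that way.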
@@ -218,23 +218,32 @@ class RPCClient: return ipautil.unwrap_binary_data(result) - def get_add_schema(self): - """Get the list of attributes we need to ask when adding a new - user. - """ + def get_custom_fields(self): + """Get custom user fields.""" server = self.setup_server() - # FIXME: Hardcoded and designed for the TurboGears GUI. Do we want - # this for the CLI as well? try: - result = server.get_add_schema() + result = server.get_custom_fields() except xmlrpclib.Fault, fault: raise ipaerror.gen_exception(fault.faultCode, fault.faultString) except socket.error, (value, msg): raise xmlrpclib.Fault(value, msg) return ipautil.unwrap_binary_data(result) - + + def set_custom_fields(self, schema): + """Set custom user fields.""" + server = self.setup_server() + + try: + result = server.set_custom_fields(schema) + except xmlrpclib.Fault, fault: + raise ipaerror.gen_exception(fault.faultCode, fault.faultString) + except socket.error, (value, msg): + raise xmlrpclib.Fault(value, msg) + + return ipautil.unwrap_binary_data(result) + def get_all_users (self): """Return a list containing a User object for each existing user.""" 
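Review bot: The handler `except socket.error, (value, msg):` in the new `get_custom_fields` and `set_custom_fields` unpacks the exception into exactly two values, so a socket error that carries a single argument (a timeout, for instance) raises ValueError inside the handler and hides the real failure. Catching it as `except socket.error, e:` and building the Fault from `e.args` after checking its length would keep the original error visible. The same ten-line try/except body is pasted into every method added by the later rpcclient.py hunks on this page (config and password policy, mark_user_*, mark_group_*, add_service_principal, get_keytab). A single private helper that takes the method name and arguments would fix the handler in one place and make it harder for a new call to ship without error translation.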
@@ -591,3 +600,51 @@ class RPCClient: raise xmlrpclib.Fault(value, msg) return ipautil.unwrap_binary_data(result) + + def get_ipa_config(self): + """Get the IPA configuration""" + server = self.setup_server() + try: + result = server.get_ipa_config() + except xmlrpclib.Fault, fault: + raise ipaerror.gen_exception(fault.faultCode, fault.faultString) + except socket.error, (value, msg): + raise xmlrpclib.Fault(value, msg) + + return ipautil.unwrap_binary_data(result) + + def update_ipa_config(self, oldconfig, newconfig): + """Update the IPA configuration""" + server = self.setup_server() + try: + result = server.update_ipa_config(oldconfig, newconfig) + except xmlrpclib.Fault, fault: + raise ipaerror.gen_exception(fault.faultCode, fault.faultString) + except socket.error, (value, msg): + raise xmlrpclib.Fault(value, msg) + + return ipautil.unwrap_binary_data(result) + + def get_password_policy(self): + """Get the IPA password policy""" + server = self.setup_server() + try: + result = server.get_password_policy() + except xmlrpclib.Fault, fault: + raise ipaerror.gen_exception(fault.faultCode, fault.faultString) + except socket.error, (value, msg): + raise xmlrpclib.Fault(value, msg) + + return ipautil.unwrap_binary_data(result) + + def update_password_policy(self, oldpolicy, newpolicy): + """Update the IPA password policy""" + server = self.setup_server() + try: + result = server.update_password_policy(oldpolicy, newpolicy) + except xmlrpclib.Fault, fault: + raise ipaerror.gen_exception(fault.faultCode, fault.faultString) + except socket.error, (value, msg): + raise xmlrpclib.Fault(value, msg) + + return ipautil.unwrap_binary_data(result) -- cgit From f42f1f44c81e15ac9ecbc6684cbc4dfc9395fd42 Mon Sep 17 00:00:00 2001 
From: Rob Crittenden Date: Tue, 20 Nov 2007 22:45:29 -0500 Subject: Enable group inactivation by using the Class of Service plugin. This adds 2 new groups: activated and inactivated. If you, or a group you are a member of, is in inactivated then you are too. If you, or a group you are a member of, is in the activated group, then you are too. In a fight between activated and inactivated, activated wins. The DNs for doing this matching is case and white space sensitive. The goal is to never have to actually set nsAccountLock in a user directly but move them between these groups. We need to decide where in the CLI this will happen. Right it is split between ipa-deluser and ipa-usermod. To inactivate groups for now just add the group to inactivate or active. --- ipa-python/ipaclient.py | 24 ++++++++++++++++++++++-- ipa-python/rpcclient.py | 48 +++++++++++++++++++++++++++++++++++++++++++++--- 2 files changed, 67 insertions(+), 5 deletions(-) (limited to 'ipa-python') diff --git a/ipa-python/ipaclient.py b/ipa-python/ipaclient.py index f8c70974..0eeb2f36 100644 --- a/ipa-python/ipaclient.py +++ b/ipa-python/ipaclient.py @@ -177,10 +177,16 @@ class IPAClient: return result - def mark_user_deleted(self,uid): + def mark_user_active(self,uid): + """Set a user as active by uid.""" + + result = self.transport.mark_user_active(uid) + return result + + def mark_user_inactive(self,uid): """Set a user as inactive by uid.""" - result = self.transport.mark_user_deleted(uid) + result = self.transport.mark_user_inactive(uid) return result # Groups support 
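Review bot: The docstring of `mark_user_inactive` promises more than the commit description allows. According to that description, membership in the activated group wins over inactivated and the DN matching is case- and whitespace-sensitive, so a call can return successfully while the account stays usable. For an account-lockout control that is worth stating where callers will read it, for example `"""Add the user to the inactivated group. The account stays active if the user, or a group the user belongs to, is in the activated group."""`, with the matching caveat on `mark_user_active`. The hunk also drops `mark_user_deleted` without an alias; its callers are outside this diff, so check that none remain.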
@@ -335,6 +341,20 @@ class IPAClient: entries.append(user.User(e)) return entries + + def mark_group_active(self,cn): + """Set a group as active by cn.""" + + result = self.transport.mark_group_active(cn) + return result + + def mark_group_inactive(self,cn): + """Set a group as inactive by cn.""" + + result = self.transport.mark_group_inactive(cn) + return result + +# Configuration def get_ipa_config(self): """Get the IPA configuration""" diff --git a/ipa-python/rpcclient.py b/ipa-python/rpcclient.py index c4ca2ff3..d4c3dcc8 100644 --- a/ipa-python/rpcclient.py +++ b/ipa-python/rpcclient.py @@ -318,12 +318,12 @@ class RPCClient: return result - def mark_user_deleted(self,uid): - """Mark a user as deleted/inactive""" + def mark_user_active(self,uid): + """Mark a user as active""" server = self.setup_server() try: - result = server.mark_user_deleted(uid) + result = server.mark_user_active(uid) except xmlrpclib.Fault, fault: raise ipaerror.gen_exception(fault.faultCode, fault.faultString) except socket.error, (value, msg): @@ -331,6 +331,20 @@ class RPCClient: return ipautil.unwrap_binary_data(result) + def mark_user_inactive(self,uid): + """Mark a user as inactive""" + server = self.setup_server() + + try: + result = server.mark_user_inactive(uid) + except xmlrpclib.Fault, fault: + raise ipaerror.gen_exception(fault.faultCode, fault.faultString) + except socket.error, (value, msg): + raise xmlrpclib.Fault(value, msg) + + return ipautil.unwrap_binary_data(result) + + # Group support def get_groups_by_member(self,member_dn,sattrs=None): 
@@ -601,6 +615,34 @@ class RPCClient: return ipautil.unwrap_binary_data(result) + def mark_group_active(self,cn): + """Mark a group as active""" + server = self.setup_server() + + try: + result = server.mark_group_active(cn) + except xmlrpclib.Fault, fault: + raise ipaerror.gen_exception(fault.faultCode, fault.faultString) + except socket.error, (value, msg): + raise xmlrpclib.Fault(value, msg) + + return ipautil.unwrap_binary_data(result) + + def mark_group_inactive(self,cn): + """Mark a group as inactive""" + server = self.setup_server() + + try: + result = server.mark_group_inactive(cn) + except xmlrpclib.Fault, fault: + raise ipaerror.gen_exception(fault.faultCode, fault.faultString) + except socket.error, (value, msg): + raise xmlrpclib.Fault(value, msg) + + return ipautil.unwrap_binary_data(result) + +# Configuration support + def get_ipa_config(self): """Get the IPA configuration""" server = self.setup_server() -- cgit From bf743087d25e170091dc507fa087d012b64b1468 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Wed, 21 Nov 2007 00:29:03 -0500 Subject: Fix indentation error that occured in merge --- ipa-python/ipaclient.py | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'ipa-python') diff --git a/ipa-python/ipaclient.py b/ipa-python/ipaclient.py index 0eeb2f36..cda8ceb9 100644 --- a/ipa-python/ipaclient.py +++ b/ipa-python/ipaclient.py 
@@ -342,17 +342,17 @@ class IPAClient: return entries - def mark_group_active(self,cn): - """Set a group as active by cn.""" - - result = self.transport.mark_group_active(cn) - return result - - def mark_group_inactive(self,cn): - """Set a group as inactive by cn.""" - - result = self.transport.mark_group_inactive(cn) - return result + def mark_group_active(self,cn): + """Set a group as active by cn.""" + + result = self.transport.mark_group_active(cn) + return result + + def mark_group_inactive(self,cn): + """Set a group as inactive by cn.""" + + result = self.transport.mark_group_inactive(cn) + return result # Configuration -- cgit From c373ed5c5ccbee64c956a9a682a1427387498d8d Mon Sep 17 00:00:00 2001 From: Karl MacMillan Date: Wed, 21 Nov 2007 18:01:32 -0500 Subject: Initial replication setup. This add replication setup through two new commands: ipa-replica-prepare and ipa-replica-install. The procedure is to run ipa-replica-prepare on an existing master. This will collect information about the realm and the current master and create a file storing all of the information. After copying that file to the new replica, ipa-replica-install is run (with -r to create a read-only replica). This version of the patch also includes fixes for the sasl mappings on the replicas. Remaining features: - ssl for replication. - automatic configuration of mesh topology for master (or a simpler way to replicate multiple masters. - tool for view / configuring current replication. --- ipa-python/ipautil.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ipa-python') diff --git a/ipa-python/ipautil.py b/ipa-python/ipautil.py index e7f59419..cd8eac16 100644 --- a/ipa-python/ipautil.py +++ b/ipa-python/ipautil.py @@ -25,6 +25,7 @@ import logging import subprocess import os import stat +import socket from string import lower import re 
@@ -36,7 +37,6 @@ def realm_to_suffix(realm_name): terms = ["dc=" + x.lower() for x in s] return ",".join(terms) - def template_str(txt, vars): return string.Template(txt).substitute(vars) -- cgit From 67cddce4d47791ad357ed5551ab58e16dbf87e0c Mon Sep 17 00:00:00 2001 From: Karl MacMillan Date: Wed, 21 Nov 2007 18:09:24 -0500 Subject: Generate master password from Simo. --- ipa-python/ipautil.py | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'ipa-python') diff --git a/ipa-python/ipautil.py b/ipa-python/ipautil.py index cd8eac16..df923188 100644 --- a/ipa-python/ipautil.py +++ b/ipa-python/ipautil.py @@ -23,6 +23,8 @@ import string import tempfile import logging import subprocess +from random import Random +from time import gmtime import os import stat import socket @@ -331,3 +333,13 @@ def parse_generalized_time(timestr): except ValueError: return None + +def ipa_generate_password(): + rndpwd = '' + r = Random() + r.seed(gmtime()) + for x in range(12): +# rndpwd += chr(r.randint(32,126)) + rndpwd += chr(r.randint(65,90)) #stricter set for testing + return rndpwd + -- cgit From b202b6cc31c6f036305bd7389201c6aa57dcc5fe Mon Sep 17 00:00:00 2001 From: Karl MacMillan Date: Wed, 21 Nov 2007 23:09:13 -0500 Subject: Bump the version numbers for release. Also remove specific version check on freeradius. Packages aren't available and the freeradius support isn't ready anyway. --- ipa-python/freeipa-python.spec | 2 +- ipa-python/setup.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'ipa-python') diff --git a/ipa-python/freeipa-python.spec b/ipa-python/freeipa-python.spec index a84fb0fe..2c1420f9 100755 --- a/ipa-python/freeipa-python.spec +++ b/ipa-python/freeipa-python.spec @@ -1,5 +1,5 @@ Name: freeipa-python -Version: 0.4.1 +Version: 0.5.0 Release: 1%{?dist} Summary: FreeIPA authentication server diff --git a/ipa-python/setup.py b/ipa-python/setup.py index defd49cb..3a5a6f4e 100644 --- a/ipa-python/setup.py +++ b/ipa-python/setup.py 
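Review bot: `ipa_generate_password` builds the password from `Random()` seeded with `gmtime()`, which is not suitable for a secret. The seed is the current time at one-second resolution and the generator is not cryptographic, so the output can be reproduced by anyone who can estimate when it was generated; the active line also limits the alphabet to the 26 uppercase letters. I would replace `r = Random()` and `r.seed(gmtime())` with `r = SystemRandom()`, change the import hunk above to `from random import SystemRandom` and drop `from time import gmtime`. The commented-out `chr(r.randint(32,126))` line should be restored or deleted before release rather than left beside a "for testing" alphabet, and the function needs a docstring that says what the password is used for.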
@@ -35,7 +35,7 @@ def setup_package(): try: setup( name = "freeipa-python", - version = "0.4.1", + version = "0.5.0", license = "GPL", author = "Karl MacMillan, et.al.", author_email = "kmacmillan@redhat.com", -- cgit From 9038bf71dd76d845746e0ea3e94bca9f52f60c03 Mon Sep 17 00:00:00 2001 From: Karl MacMillan Date: Wed, 21 Nov 2007 23:28:06 -0500 Subject: Move packages to ipa from freeipa. --- ipa-python/freeipa-python.spec | 64 ------------------------------------- ipa-python/freeipa-python.spec.in | 64 ------------------------------------- ipa-python/ipa-python.spec | 67 +++++++++++++++++++++++++++++++++++++++ ipa-python/ipa-python.spec.in | 67 +++++++++++++++++++++++++++++++++++++++ 4 files changed, 134 insertions(+), 128 deletions(-) delete mode 100755 ipa-python/freeipa-python.spec delete mode 100755 ipa-python/freeipa-python.spec.in create mode 100755 ipa-python/ipa-python.spec create mode 100755 ipa-python/ipa-python.spec.in (limited to 'ipa-python') diff --git a/ipa-python/freeipa-python.spec b/ipa-python/freeipa-python.spec deleted file mode 100755 index 2c1420f9..00000000 --- a/ipa-python/freeipa-python.spec +++ /dev/null 
@@ -1,64 +0,0 @@ -Name: freeipa-python -Version: 0.5.0 -Release: 1%{?dist} -Summary: FreeIPA authentication server - -Group: System Environment/Base -License: GPL -URL: http://www.freeipa.org -Source0: http://www.freeipa.org/downloads/%{name}-%{version}.tgz -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -BuildArch: noarch -BuildRequires: python-devel -Requires: PyKerberos - -%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")} - -%define pkgpythondir %{python_sitelib}/ipa - -%description -FreeIPA is a server for identity, policy, and audit. - -%prep -%setup -q - -%build - -%install -rm -rf %{buildroot} -%{__python} setup.py install --no-compile --root=%{buildroot} - -%clean -rm -rf %{buildroot} - -%files -%defattr(-,root,root,-) -%dir %{pkgpythondir} -%{pkgpythondir}/* -%config(noreplace) %{_sysconfdir}/ipa/ipa.conf - -%changelog -* Thu Nov 1 2007 Karl MacMillan - 0.4.1-1 -- Version bump for release - -* Wed Oct 17 2007 Rob Crittenden - 0.4.0-2 -- Use new python setup.py build script - -* Tue Oct 2 2007 Karl MacMillan - 0.4.0-1 -- Milestone 4 - -* Mon Sep 10 2007 Karl MacMillan - 0.3.0-1 -- Milestone 3 - -* Fri Aug 17 2007 Karl MacMillan = 0.2.0-4 -- Added PyKerberos dep. - -* Mon Aug 5 2007 Rob Crittenden - 0.1.0-3 -- Abstracted client class to work directly or over RPC - -* Wed Aug 1 2007 Rob Crittenden - 0.1.0-2 -- Add User class -- Add kerberos authentication to the XML-RPC request made from tools. - -* Fri Jul 27 2007 Karl MacMillan - 0.1.0-1 -- Initial rpm version diff --git a/ipa-python/freeipa-python.spec.in b/ipa-python/freeipa-python.spec.in deleted file mode 100755 index 0c46098c..00000000 --- a/ipa-python/freeipa-python.spec.in +++ /dev/null 
@@ -1,64 +0,0 @@ -Name: freeipa-python -Version: VERSION -Release: 1%{?dist} -Summary: FreeIPA authentication server - -Group: System Environment/Base -License: GPL -URL: http://www.freeipa.org -Source0: http://www.freeipa.org/downloads/%{name}-%{version}.tgz -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -BuildArch: noarch -BuildRequires: python-devel -Requires: PyKerberos - -%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")} - -%define pkgpythondir %{python_sitelib}/ipa - -%description -FreeIPA is a server for identity, policy, and audit. - -%prep -%setup -q - -%build - -%install -rm -rf %{buildroot} -%{__python} setup.py install --no-compile --root=%{buildroot} - -%clean -rm -rf %{buildroot} - -%files -%defattr(-,root,root,-) -%dir %{pkgpythondir} -%{pkgpythondir}/* -%config(noreplace) %{_sysconfdir}/ipa/ipa.conf - -%changelog -* Thu Nov 1 2007 Karl MacMillan - 0.4.1-1 -- Version bump for release - -* Wed Oct 17 2007 Rob Crittenden - 0.4.0-2 -- Use new python setup.py build script - -* Tue Oct 2 2007 Karl MacMillan - 0.4.0-1 -- Milestone 4 - -* Mon Sep 10 2007 Karl MacMillan - 0.3.0-1 -- Milestone 3 - -* Fri Aug 17 2007 Karl MacMillan = 0.2.0-4 -- Added PyKerberos dep. - -* Mon Aug 5 2007 Rob Crittenden - 0.1.0-3 -- Abstracted client class to work directly or over RPC - -* Wed Aug 1 2007 Rob Crittenden - 0.1.0-2 -- Add User class -- Add kerberos authentication to the XML-RPC request made from tools. - -* Fri Jul 27 2007 Karl MacMillan - 0.1.0-1 -- Initial rpm version diff --git a/ipa-python/ipa-python.spec b/ipa-python/ipa-python.spec new file mode 100755 index 00000000..2837a283 --- /dev/null +++ b/ipa-python/ipa-python.spec 
@@ -0,0 +1,67 @@ +Name: ipa-python +Version: 0.5.0 +Release: 1%{?dist} +Summary: Ipa authentication server + +Group: System Environment/Base +License: GPL +URL: http://www.freeipa.org +Source0: http://www.freeipa.org/downloads/%{name}-%{version}.tgz +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +BuildArch: noarch +BuildRequires: python-devel +Requires: PyKerberos + +%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")} + +%define pkgpythondir %{python_sitelib}/ipa + +%description +Ipa is a server for identity, policy, and audit. + +%prep +%setup -q + +%build + +%install +rm -rf %{buildroot} +%{__python} setup.py install --no-compile --root=%{buildroot} + +%clean +rm -rf %{buildroot} + +%files +%defattr(-,root,root,-) +%dir %{pkgpythondir} +%{pkgpythondir}/* +%config(noreplace) %{_sysconfdir}/ipa/ipa.conf + +%changelog +* Wed Nov 21 2007 Karl MacMillan - 0.5.0-1 +- Version bump for release and rename of rpm + +* Thu Nov 1 2007 Karl MacMillan - 0.4.1-1 +- Version bump for release + +* Wed Oct 17 2007 Rob Crittenden - 0.4.0-2 +- Use new python setup.py build script + +* Tue Oct 2 2007 Karl MacMillan - 0.4.0-1 +- Milestone 4 + +* Mon Sep 10 2007 Karl MacMillan - 0.3.0-1 +- Milestone 3 + +* Fri Aug 17 2007 Karl MacMillan = 0.2.0-4 +- Added PyKerberos dep. + +* Mon Aug 5 2007 Rob Crittenden - 0.1.0-3 +- Abstracted client class to work directly or over RPC + +* Wed Aug 1 2007 Rob Crittenden - 0.1.0-2 +- Add User class +- Add kerberos authentication to the XML-RPC request made from tools. + +* Fri Jul 27 2007 Karl MacMillan - 0.1.0-1 +- Initial rpm version diff --git a/ipa-python/ipa-python.spec.in b/ipa-python/ipa-python.spec.in new file mode 100755 index 00000000..bd8ac0da --- /dev/null +++ b/ipa-python/ipa-python.spec.in 
@@ -0,0 +1,67 @@ +Name: ipa-python +Version: VERSION +Release: 1%{?dist} +Summary: Ipa authentication server + +Group: System Environment/Base +License: GPL +URL: http://www.freeipa.org +Source0: http://www.freeipa.org/downloads/%{name}-%{version}.tgz +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +BuildArch: noarch +BuildRequires: python-devel +Requires: PyKerberos + +%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")} + +%define pkgpythondir %{python_sitelib}/ipa + +%description +Ipa is a server for identity, policy, and audit. + +%prep +%setup -q + +%build + +%install +rm -rf %{buildroot} +%{__python} setup.py install --no-compile --root=%{buildroot} + +%clean +rm -rf %{buildroot} + +%files +%defattr(-,root,root,-) +%dir %{pkgpythondir} +%{pkgpythondir}/* +%config(noreplace) %{_sysconfdir}/ipa/ipa.conf + +%changelog +* Wed Nov 21 2007 Karl MacMillan - 0.5.0-1 +- Version bump for release and rename of rpm + +* Thu Nov 1 2007 Karl MacMillan - 0.4.1-1 +- Version bump for release + +* Wed Oct 17 2007 Rob Crittenden - 0.4.0-2 +- Use new python setup.py build script + +* Tue Oct 2 2007 Karl MacMillan - 0.4.0-1 +- Milestone 4 + +* Mon Sep 10 2007 Karl MacMillan - 0.3.0-1 +- Milestone 3 + +* Fri Aug 17 2007 Karl MacMillan = 0.2.0-4 +- Added PyKerberos dep. + +* Mon Aug 5 2007 Rob Crittenden - 0.1.0-3 +- Abstracted client class to work directly or over RPC + +* Wed Aug 1 2007 Rob Crittenden - 0.1.0-2 +- Add User class +- Add kerberos authentication to the XML-RPC request made from tools. + +* Fri Jul 27 2007 Karl MacMillan - 0.1.0-1 +- Initial rpm version -- cgit From edc7af1446af451ea5ed44420cceb05059a7b973 Mon Sep 17 00:00:00 2001 
From: Karl MacMillan Date: Wed, 21 Nov 2007 23:28:25 -0500 Subject: Add xml-rpc interface for getting keytabs. Warning: this lacks any sort of authorization. --- ipa-python/ipaclient.py | 7 +++++++ ipa-python/rpcclient.py | 24 ++++++++++++++++++++++++ 2 files changed, 31 insertions(+) (limited to 'ipa-python') diff --git a/ipa-python/ipaclient.py b/ipa-python/ipaclient.py index cda8ceb9..c551f043 100644 --- a/ipa-python/ipaclient.py +++ b/ipa-python/ipaclient.py @@ -381,3 +381,10 @@ class IPAClient: """ result = self.transport.update_password_policy(policy.origDataDict(), policy.toDict()) return result + + def add_service_principal(self, princ_name): + return self.transport.add_service_principal(princ_name) + + def get_keytab(self, princ_name): + return self.transport.get_keytab(princ_name) + diff --git a/ipa-python/rpcclient.py b/ipa-python/rpcclient.py index d4c3dcc8..d7ff9740 100644 --- a/ipa-python/rpcclient.py +++ b/ipa-python/rpcclient.py @@ -690,3 +690,27 @@ class RPCClient: raise xmlrpclib.Fault(value, msg) return ipautil.unwrap_binary_data(result) + + def add_service_principal(self, princ_name): + server = self.setup_server() + + try: + result = server.add_service_principal(princ_name) + except xmlrpclib.Fault, fault: + raise ipaerror.gen_exception(fault.faultCode, fault.faultString) + except socket.error, (value, msg): + raise xmlrpclib.Fault(value, msg) + + return ipautil.unwrap_binary_data(result) + + def get_keytab(self, princ_name): + server = self.setup_server() + + try: + result = server.get_keytab(princ_name) + except xmlrpclib.Fault, fault: + raise ipaerror.gen_exception(fault.faultCode, fault.faultString) + except socket.error, (value, msg): + raise xmlrpclib.Fault(value, msg) + + return ipautil.unwrap_binary_data(result) -- cgit
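Review bot: `get_keytab` returns long-term key material for whatever `princ_name` the caller passes, yet neither it nor `add_service_principal` has a docstring or an in-code marker of the authorization gap that only the commit message mentions. Someone reading ipaclient.py or rpcclient.py later will not see that warning, so I would put it in the code, for example `"""Return the keytab for princ_name. FIXME: the server performs no authorization check yet."""`. The docstring should also say what the return value is after `unwrap_binary_data`, so that callers know they hold secret bytes and write them to a file with restrictive permissions. Whether `setup_server` gives an authenticated, encrypted channel is not visible in this hunk and should be confirmed before this interface is exposed.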