diff options
| author | Jan Cholasta <jcholast@redhat.com> | 2017-03-09 11:42:12 +0000 |
|---|---|---|
| committer | Martin Basti <mbasti@redhat.com> | 2017-03-13 16:06:22 +0100 |
| commit | 8fdd7a9ffc263c1198afa5479cda41d319f11d91 (patch) | |
| tree | 828bfc280c3c4367a54e2e3a8b898fa994ea0d78 | |
| parent | 4514ec150586fb43fa66566cce8a69b3ac15b86c (diff) | |
| download | freeipa-8fdd7a9ffc263c1198afa5479cda41d319f11d91.tar.gz freeipa-8fdd7a9ffc263c1198afa5479cda41d319f11d91.tar.xz freeipa-8fdd7a9ffc263c1198afa5479cda41d319f11d91.zip | |
backend plugins: fix crashes in development mode
Do not set or delete attributes directly on KerberosWSGIExecutioner, ldap2
and ra_lightweight_ca instances, as that raises an AttributeError in
development mode because of ReadOnly locking.
Use the usual workaround of `object.__setattr__` and `object.__delattr__`
to fix the issue.
https://pagure.io/freeipa/issue/6625
Reviewed-By: Tomas Krizek <tkrizek@redhat.com>
| -rw-r--r-- | ipaserver/plugins/dogtag.py | 4 | ||||
| -rw-r--r-- | ipaserver/plugins/ldap2.py | 28 | ||||
| -rw-r--r-- | ipaserver/rpcserver.py | 6 |
3 files changed, 20 insertions, 18 deletions
diff --git a/ipaserver/plugins/dogtag.py b/ipaserver/plugins/dogtag.py index 05b759da7..d1dd707f1 100644 --- a/ipaserver/plugins/dogtag.py +++ b/ipaserver/plugins/dogtag.py @@ -1289,7 +1289,7 @@ class RestClient(Backend): cookies = ipapython.cookie.Cookie.parse(resp_headers.get('set-cookie', '')) if status != 200 or len(cookies) == 0: raise errors.RemoteRetrieveError(reason=_('Failed to authenticate to CA REST API')) - self.cookie = str(cookies[0]) + object.__setattr__(self, 'cookie', str(cookies[0])) return self def __exit__(self, exc_type, exc_value, traceback): @@ -1302,7 +1302,7 @@ class RestClient(Backend): client_keyfile=self.client_keyfile, method='GET' ) - self.cookie = None + object.__setattr__(self, 'cookie', None) def _ssldo(self, method, path, headers=None, body=None, use_session=True): """ diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py index e671ecba7..def124530 100644 --- a/ipaserver/plugins/ldap2.py +++ b/ipaserver/plugins/ldap2.py @@ -77,42 +77,42 @@ class ldap2(CrudBackend, LDAPClient): LDAPClient.__init__(self, ldap_uri, force_schema_updates=force_schema_updates) - self.__time_limit = float(LDAPClient.time_limit) - self.__size_limit = int(LDAPClient.size_limit) + self._time_limit = float(LDAPClient.time_limit) + self._size_limit = int(LDAPClient.size_limit) @property def time_limit(self): - if self.__time_limit is None: + if self._time_limit is None: return float(self.get_ipa_config().single_value.get( 'ipasearchtimelimit', 2)) - return self.__time_limit + return self._time_limit @time_limit.setter def time_limit(self, val): if val is not None: val = float(val) - self.__time_limit = val + object.__setattr__(self, '_time_limit', val) @time_limit.deleter def time_limit(self): - self.__time_limit = int(LDAPClient.size_limit) + object.__setattr__(self, '_time_limit', int(LDAPClient.size_limit)) @property def size_limit(self): - if self.__size_limit is None: + if self._size_limit is None: return int(self.get_ipa_config().single_value.get( 'ipasearchrecordslimit', 0)) - return self.__size_limit + return self._size_limit @size_limit.setter def size_limit(self, val): if val is not None: val = int(val) - self.__size_limit = val + object.__setattr__(self, '_size_limit', val) @size_limit.deleter def size_limit(self): - self.__size_limit = float(LDAPClient.time_limit) + object.__setattr__(self, '_size_limit', float(LDAPClient.time_limit)) def _connect(self): # Connectible.conn is a proxy to thread-local storage; @@ -158,9 +158,9 @@ class ldap2(CrudBackend, LDAPClient): cacert = paths.IPA_CA_CRT if time_limit is not _missing: - self.time_limit = time_limit + object.__setattr__(self, 'time_limit', time_limit) if size_limit is not _missing: - self.size_limit = size_limit + object.__setattr__(self, 'size_limit', size_limit) client = LDAPClient(self.ldap_uri, force_schema_updates=self._force_schema_updates, @@ -219,8 +219,8 @@ class ldap2(CrudBackend, LDAPClient): # ignore when trying to unbind multiple times pass - del self.time_limit - del self.size_limit + object.__delattr__(self, 'time_limit') + object.__delattr__(self, 'size_limit') def get_ipa_config(self, attrs_list=None): """Returns the IPA configuration entry (dn, entry_attrs).""" diff --git a/ipaserver/rpcserver.py b/ipaserver/rpcserver.py index 65b899877..fa15742d5 100644 --- a/ipaserver/rpcserver.py +++ b/ipaserver/rpcserver.py @@ -628,8 +628,10 @@ class KerberosWSGIExecutioner(WSGIExecutioner, KerberosSession): self.debug('KerberosWSGIExecutioner.__call__:') user_ccache=environ.get('KRB5CCNAME') - self.headers = [('Content-Type', - '%s; charset=utf-8' % self.content_type)] + object.__setattr__( + self, 'headers', + [('Content-Type', '%s; charset=utf-8' % self.content_type)] + ) if user_ccache is None: |