diff options
author | Tomas Krizek <tkrizek@redhat.com> | 2016-11-08 12:16:09 +0100 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2016-11-10 17:40:49 +0100 |
commit | a68c95d11612108375877ff45bdb53ce6fc8fbe4 (patch) | |
tree | 6d1405a49a8cc4264186063ffaa088e3494ed0e8 | |
parent | 808b1436b4158cb6f926ac2b5bd0979df6ea7e9f (diff) | |
download | freeipa-a68c95d11612108375877ff45bdb53ce6fc8fbe4.tar.gz freeipa-a68c95d11612108375877ff45bdb53ce6fc8fbe4.tar.xz freeipa-a68c95d11612108375877ff45bdb53ce6fc8fbe4.zip |
ipaldap: remove do_bind from LDAPClient
Remove do_bind() method that was a relict used in IPAdmin. Replace
its uses with simple / external binds.
https://fedorahosted.org/freeipa/ticket/6461
Reviewed-By: Martin Basti <mbasti@redhat.com>
-rwxr-xr-x | install/tools/ipa-httpd-kdcproxy | 2 | ||||
-rw-r--r-- | ipapython/ipaldap.py | 20 | ||||
-rw-r--r-- | ipaserver/install/bindinstance.py | 2 | ||||
-rw-r--r-- | ipaserver/install/dnskeysyncinstance.py | 3 |
4 files changed, 3 insertions, 24 deletions
diff --git a/install/tools/ipa-httpd-kdcproxy b/install/tools/ipa-httpd-kdcproxy index 20674c26c..329565c2b 100755 --- a/install/tools/ipa-httpd-kdcproxy +++ b/install/tools/ipa-httpd-kdcproxy @@ -79,7 +79,7 @@ class KDCProxyConfig(object): self.log.debug('ldap_uri: %s', self.ldap_uri) try: self.con = LDAPClient(self.ldap_uri) - self.con.do_bind() + self.con.external_bind() except (errors.NetworkError, socket.timeout) as e: msg = 'Unable to connect to dirsrv: %s' % e raise CheckError(msg) diff --git a/ipapython/ipaldap.py b/ipapython/ipaldap.py index 2994c0144..ed5c804dc 100644 --- a/ipapython/ipaldap.py +++ b/ipapython/ipaldap.py @@ -749,26 +749,6 @@ class LDAPClient(object): def __str__(self): return self.ldap_uri - def do_bind(self, dm_password="", autobind=AUTOBIND_AUTO): - if dm_password: - self.simple_bind(bind_dn=DIRMAN_DN, - bind_password=dm_password) - return - if (autobind != AUTOBIND_DISABLED and os.getegid() == 0 and - self._protocol == 'ldapi'): - try: - # autobind - self.external_bind() - return - except errors.NotFound: - if autobind == AUTOBIND_ENABLED: - # autobind was required and failed, raise - # exception that it failed - raise - - # fall back - self.gssapi_bind() - def modify_s(self, dn, modlist): # FIXME: for backwards compatibility only assert isinstance(dn, DN) diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py index 7d6f3baf2..98102463c 100644 --- a/ipaserver/install/bindinstance.py +++ b/ipaserver/install/bindinstance.py @@ -241,7 +241,7 @@ def dns_container_exists(fqdn, suffix, dm_password=None, ldapi=False, ldap_uri = ipaldap.get_ldap_uri(fqdn, 636, ldapi=ldapi, realm=realm, cacert=CACERT) conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT) - conn.do_bind(dm_password) + conn.simple_bind(ipaldap.DIRMAN_DN, dm_password) except ldap.SERVER_DOWN: raise RuntimeError('LDAP server on %s is not responding. Is IPA installed?' % fqdn) diff --git a/ipaserver/install/dnskeysyncinstance.py b/ipaserver/install/dnskeysyncinstance.py index a6c1013ed..bc2477b7a 100644 --- a/ipaserver/install/dnskeysyncinstance.py +++ b/ipaserver/install/dnskeysyncinstance.py @@ -44,8 +44,7 @@ def dnssec_container_exists(fqdn, suffix, dm_password=None, ldapi=False, ldap_uri = ipaldap.get_ldap_uri(fqdn, 636, ldapi=ldapi, realm=realm, cacert=CACERT) conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT) - - conn.do_bind(dm_password) + conn.simple_bind(ipaldap.DIRMAN_DN, dm_password) except ldap.SERVER_DOWN: raise RuntimeError('LDAP server on %s is not responding. Is IPA installed?' % fqdn) |