diff options
author | Florence Blanc-Renaud <flo@redhat.com> | 2016-07-21 16:54:43 +0200 |
---|---|---|
committer | Martin Babinsky <mbabinsk@redhat.com> | 2016-07-22 16:30:32 +0200 |
commit | bc7eb99a2959980c1abf31f77610cec2f098744b (patch) | |
tree | 8fab92114a74e9d8e1c20256db4e29eadee70cdf | |
parent | 524719f420fa331b3a1d53d5d8bebdfee39c8371 (diff) | |
download | freeipa-bc7eb99a2959980c1abf31f77610cec2f098744b.tar.gz freeipa-bc7eb99a2959980c1abf31f77610cec2f098744b.tar.xz freeipa-bc7eb99a2959980c1abf31f77610cec2f098744b.zip |
Fix session cookies
The CLI was not using session cookies for communication with IPA API.
The kernel_keyring code was expecting the keyname to be a string, but
in python 2 a unicode was supplied (the key is built using
ipa_session_cookie:%principal and principal is a unicode).
The patch fixes the assertions, allowing to store and retrieve the cookie.
It also adds a test with unicode key name.
https://fedorahosted.org/freeipa/ticket/5984
Reviewed-By: Petr Spacek <pspacek@redhat.com>
-rw-r--r-- | ipapython/kernel_keyring.py | 15 | ||||
-rw-r--r-- | ipatests/test_ipapython/test_keyring.py | 15 |
2 files changed, 23 insertions, 7 deletions
diff --git a/ipapython/kernel_keyring.py b/ipapython/kernel_keyring.py index ed4868a9d..651fd7086 100644 --- a/ipapython/kernel_keyring.py +++ b/ipapython/kernel_keyring.py @@ -18,6 +18,7 @@ # import os +import six from ipapython.ipautil import run @@ -45,7 +46,7 @@ def get_real_key(key): One cannot request a key based on the description it was created with so find the one we're looking for. """ - assert isinstance(key, str) + assert isinstance(key, six.string_types) result = run(['keyctl', 'search', KEYRING, KEYTYPE, key], raiseonerr=False, capture_output=True) if result.returncode: @@ -53,7 +54,7 @@ def get_real_key(key): return result.raw_output.rstrip() def get_persistent_key(key): - assert isinstance(key, str) + assert isinstance(key, six.string_types) result = run(['keyctl', 'get_persistent', KEYRING, key], raiseonerr=False, capture_output=True) if result.returncode: @@ -73,7 +74,7 @@ def has_key(key): """ Returns True/False whether the key exists in the keyring. """ - assert isinstance(key, str) + assert isinstance(key, six.string_types) try: get_real_key(key) return True @@ -86,7 +87,7 @@ def read_key(key): Use pipe instead of print here to ensure we always get the raw data. """ - assert isinstance(key, str) + assert isinstance(key, six.string_types) real_key = get_real_key(key) result = run(['keyctl', 'pipe', real_key], raiseonerr=False, capture_output=True) @@ -99,7 +100,7 @@ def update_key(key, value): """ Update the keyring data. If they key doesn't exist it is created. """ - assert isinstance(key, str) + assert isinstance(key, six.string_types) assert isinstance(value, bytes) if has_key(key): real_key = get_real_key(key) @@ -114,7 +115,7 @@ def add_key(key, value): """ Add a key to the kernel keyring. """ - assert isinstance(key, str) + assert isinstance(key, six.string_types) assert isinstance(value, bytes) if has_key(key): raise ValueError('key %s already exists' % key) @@ -127,7 +128,7 @@ def del_key(key): """ Remove a key from the keyring """ - assert isinstance(key, str) + assert isinstance(key, six.string_types) real_key = get_real_key(key) result = run(['keyctl', 'unlink', real_key, KEYRING], raiseonerr=False) diff --git a/ipatests/test_ipapython/test_keyring.py b/ipatests/test_ipapython/test_keyring.py index e22841c8f..c81e6d95f 100644 --- a/ipatests/test_ipapython/test_keyring.py +++ b/ipatests/test_ipapython/test_keyring.py @@ -28,6 +28,7 @@ import pytest pytestmark = pytest.mark.tier0 TEST_KEY = 'ipa_test' +TEST_UNICODEKEY = u'ipa_unicode' TEST_VALUE = b'abc123' UPDATE_VALUE = b'123abc' @@ -49,6 +50,10 @@ class test_keyring(object): kernel_keyring.del_key(SIZE_256) except ValueError: pass + try: + kernel_keyring.del_key(TEST_UNICODEKEY) + except ValueError: + pass def test_01(self): """ @@ -150,3 +155,13 @@ class test_keyring(object): assert(result == SIZE_1024.encode('ascii')) kernel_keyring.del_key(TEST_KEY) + + def test_10(self): + """ + Test a unicode key + """ + kernel_keyring.add_key(TEST_UNICODEKEY, TEST_VALUE) + result = kernel_keyring.read_key(TEST_UNICODEKEY) + assert(result == TEST_VALUE) + + kernel_keyring.del_key(TEST_UNICODEKEY) |