diff options
| author | Michael Simacek <msimacek@redhat.com> | 2015-07-20 16:04:07 +0200 |
|---|---|---|
| committer | Jan Cholasta <jcholast@redhat.com> | 2015-08-26 09:41:36 +0200 |
| commit | aad73fad601f576dd83b758f4448839b4e8e87df (patch) | |
| tree | c99433fc5aade363e7f9f66a7c08fcfd8e3dfc69 /daemons | |
| parent | aebb72e1fb144939285380a6a9261c4d4177195e (diff) | |
| download | freeipa-aad73fad601f576dd83b758f4448839b4e8e87df.tar.gz freeipa-aad73fad601f576dd83b758f4448839b4e8e87df.tar.xz freeipa-aad73fad601f576dd83b758f4448839b4e8e87df.zip | |
Port from python-krbV to python-gssapi
python-krbV library is deprecated and doesn't work with python 3. Replacing all
it's usages with python-gssapi.
- Removed Backend.krb and KRB5_CCache classes
They were wrappers around krbV classes that cannot really work without them
- Added few utility functions for querying GSSAPI credentials
in krb_utils module. They provide replacements for KRB5_CCache.
- Merged two kinit_keytab functions
- Changed ldap plugin connection defaults to match ipaldap
- Unified getting default realm
Using api.env.realm instead of krbV call
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Robbie Harwood <rharwood@redhat.com>
Reviewed-By: Simo Sorce <ssorce@redhat.com>
Diffstat (limited to 'daemons')
| -rwxr-xr-x | daemons/dnssec/ipa-dnskeysync-replica | 4 | ||||
| -rwxr-xr-x | daemons/dnssec/ipa-ods-exporter | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/daemons/dnssec/ipa-dnskeysync-replica b/daemons/dnssec/ipa-dnskeysync-replica index b80b38962..d21626808 100755 --- a/daemons/dnssec/ipa-dnskeysync-replica +++ b/daemons/dnssec/ipa-dnskeysync-replica @@ -12,7 +12,7 @@ from binascii import hexlify from datetime import datetime import dns.dnssec import fcntl -from krbV import Krb5Error +from gssapi.exceptions import GSSError import logging import os from pprint import pprint @@ -146,7 +146,7 @@ ccache_filename = os.path.join(WORKDIR, 'ipa-dnskeysync-replica.ccache') try: ipautil.kinit_keytab(PRINCIPAL, paths.IPA_DNSKEYSYNCD_KEYTAB, ccache_filename, attempts=5) -except Krb5Error as e: +except GSSError as e: log.critical('Kerberos authentication failed: %s', e) sys.exit(1) diff --git a/daemons/dnssec/ipa-ods-exporter b/daemons/dnssec/ipa-ods-exporter index 4d5423797..e7d30014e 100755 --- a/daemons/dnssec/ipa-ods-exporter +++ b/daemons/dnssec/ipa-ods-exporter @@ -20,7 +20,7 @@ from datetime import datetime import dateutil.tz import dns.dnssec import fcntl -from krbV import Krb5Error +from gssapi.exceptions import GSSError import logging import os import subprocess @@ -487,7 +487,7 @@ ccache_name = os.path.join(WORKDIR, 'ipa-ods-exporter.ccache') try: ipautil.kinit_keytab(PRINCIPAL, paths.IPA_ODS_EXPORTER_KEYTAB, ccache_name, attempts=5) -except Krb5Error as e: +except GSSError as e: log.critical('Kerberos authentication failed: %s', e) sys.exit(1) |