diff options
| author | David Kupka <dkupka@redhat.com> | 2015-07-16 10:15:36 +0200 |
|---|---|---|
| committer | Petr Vobornik <pvoborni@redhat.com> | 2015-07-17 10:30:42 +0200 |
| commit | e5d179b5b96bba5048a05135693acc5507d38163 (patch) | |
| tree | bfef6c979a47c232fdfaaae8f7db4086d39abd21 /install | |
| parent | a619a1e211927c27f5c034dec8c1a1bbc03720f2 (diff) | |
| download | freeipa-e5d179b5b96bba5048a05135693acc5507d38163.tar.gz freeipa-e5d179b5b96bba5048a05135693acc5507d38163.tar.xz freeipa-e5d179b5b96bba5048a05135693acc5507d38163.zip | |
migration: Use api.env variables.
Use api.env.basedn instead of anonymously accessing LDAP to get base DN.
Use api.env.basedn instead of searching filesystem for ldapi socket.
https://fedorahosted.org/freeipa/ticket/4953
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Diffstat (limited to 'install')
| -rw-r--r-- | install/migration/migration.py | 33 |
1 files changed, 5 insertions, 28 deletions
diff --git a/install/migration/migration.py b/install/migration/migration.py index b629b1c9f..8c440175a 100644 --- a/install/migration/migration.py +++ b/install/migration/migration.py @@ -22,14 +22,13 @@ Password migration script import cgi import errno -import glob from wsgiref.util import request_uri from ipapython.ipa_log_manager import root_logger from ipapython.ipautil import get_ipa_basedn from ipapython.dn import DN from ipapython.ipaldap import IPAdmin -from ipalib import errors +from ipalib import errors, create_api from ipaplatform.paths import paths @@ -45,23 +44,6 @@ def get_ui_url(environ): return full_url[:index] + "/ipa/ui" -def get_base_dn(ldap_uri): - """ - Retrieve LDAP server base DN. - """ - try: - conn = IPAdmin(ldap_uri=ldap_uri) - conn.do_simple_bind(DN(), '') - base_dn = get_ipa_basedn(conn) - except Exception, e: - root_logger.error('migration context search failed: %s' % e) - return '' - finally: - conn.unbind() - - return base_dn - - def bind(ldap_uri, base_dn, username, password): if not base_dn: root_logger.error('migration unable to get base dn') @@ -90,16 +72,11 @@ def application(environ, start_response): if not form_data.has_key('username') or not form_data.has_key('password'): return wsgi_redirect(start_response, 'invalid.html') - slapd_sockets = glob.glob(paths.ALL_SLAPD_INSTANCE_SOCKETS) - if slapd_sockets: - ldap_uri = 'ldapi://%s' % slapd_sockets[0].replace('/', '%2f') - else: - ldap_uri = 'ldaps://localhost:636' - - base_dn = get_base_dn(ldap_uri) - + # API object only for configuration, finalize() not needed + api = create_api(mode=None) + api.bootstrap(context='server', in_server=True) try: - bind(ldap_uri, base_dn, + bind(api.env.ldap_uri, api.env.basedn, form_data['username'].value, form_data['password'].value) except IOError as err: if err.errno == errno.EPERM: |