ipaldap: merge IPAdmin to LDAPClient

* move IPAdmin methods to LDAPClient * add extra arguments (cacert, sasl_nocanon) to LDAPClient.__init__() * add host, port, _protocol to LDAPClient (parsed from ldap_uri) * create get_ldap_uri() method to create ldap_uri from former IPAdmin.__init__() arguments * replace IPAdmin with LDAPClient + get_ldap_uri() * remove ununsed function argument hostname from enable_replication_version_checking() https://fedorahosted.org/freeipa/ticket/6461 Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com>
author: Tomas Krizek <tkrizek@redhat.com> 2016-11-01 14:52:33 +0100
committer: Martin Basti <mbasti@redhat.com> 2016-11-07 11:34:03 +0100
commit: 5b81dbfda1e4f0799d4ce87e9987a896af3ff299 (patch)
tree: bf0b256dec17a5e9ca7bacb414488cb0436aba49 /install
parent: 4f1a6a177666c475156f496d3f7719b37e66a7b0 (diff)
6 files changed, 19 insertions, 15 deletions
diff --git a/install/migration/migration.py b/install/migration/migration.py
index a87b488fc..4743279be 100644
--- a/install/migration/migration.py
+++ b/install/migration/migration.py
@@ -26,7 +26,7 @@ from wsgiref.util import request_uri
 
 from ipapython.ipa_log_manager import root_logger
 from ipapython.dn import DN
-from ipapython.ipaldap import IPAdmin
+from ipapython import ipaldap
 from ipalib import errors, create_api
 
 
@@ -48,7 +48,7 @@ def bind(ldap_uri, base_dn, username, password):
         raise IOError(errno.EIO, 'Cannot get Base DN')
     bind_dn = DN(('uid', username), ('cn', 'users'), ('cn', 'accounts'), base_dn)
     try:
-        conn = IPAdmin(ldap_uri=ldap_uri)
+        conn = ipaldap.LDAPClient(ldap_uri)
         conn.simple_bind(bind_dn, password)
     except (errors.ACIError, errors.DatabaseError, errors.NotFound) as e:
         root_logger.error(
diff --git a/install/tools/ipa-csreplica-manage b/install/tools/ipa-csreplica-manage
index b5474eb45..85b55d144 100755
--- a/install/tools/ipa-csreplica-manage
+++ b/install/tools/ipa-csreplica-manage
@@ -93,7 +93,8 @@ def list_replicas(realm, host, replica, dirman_passwd, verbose):
 
     try:
         # connect to main IPA LDAP server
-        conn = ipaldap.IPAdmin(host, 636, cacert=CACERT)
+        ldap_uri = ipaldap.get_ldap_uri(host, 636, cacert=CACERT)
+        conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT)
         conn.simple_bind(bind_dn=ipaldap.DIRMAN_DN,
                          bind_password=dirman_passwd)
 
@@ -295,7 +296,8 @@ def add_link(realm, replica1, replica2, dirman_passwd, options):
     except Exception as e:
         sys.exit(str(e))
     try:
-        conn = ipaldap.IPAdmin(replica2, 636, cacert=CACERT)
+        ldap_uri = ipaldap.get_ldap_uri(replica2, 636, cacert=CACERT)
+        conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT)
         conn.simple_bind(bind_dn=ipaldap.DIRMAN_DN,
                          bind_password=dirman_passwd)
 
diff --git a/install/tools/ipa-httpd-kdcproxy b/install/tools/ipa-httpd-kdcproxy
index d64420640..20674c26c 100755
--- a/install/tools/ipa-httpd-kdcproxy
+++ b/install/tools/ipa-httpd-kdcproxy
@@ -29,7 +29,7 @@ import sys
 
 from ipalib import api, errors
 from ipapython.ipa_log_manager import standard_logging_setup
-from ipapython.ipaldap import IPAdmin
+from ipapython.ipaldap import LDAPClient
 from ipapython.dn import DN
 from ipaplatform.paths import paths
 
@@ -78,9 +78,7 @@ class KDCProxyConfig(object):
         """Establish LDAP connection"""
         self.log.debug('ldap_uri: %s', self.ldap_uri)
         try:
-            self.con = IPAdmin(ldap_uri=self.ldap_uri)
-            # EXTERNAL bind as root user
-            self.con.ldapi = True
+            self.con = LDAPClient(self.ldap_uri)
             self.con.do_bind()
         except (errors.NetworkError, socket.timeout) as e:
             msg = 'Unable to connect to dirsrv: %s' % e
@@ -94,7 +92,7 @@ class KDCProxyConfig(object):
             self.log.exception(msg)
             raise FatalError(msg)
 
-    def _find_entry(self, dn, attrs, filter, scope=IPAdmin.SCOPE_BASE):
+    def _find_entry(self, dn, attrs, filter, scope=LDAPClient.SCOPE_BASE):
         """Find an LDAP entry, handles NotFound and Limit"""
         try:
             entries = self.con.get_entries(
diff --git a/install/tools/ipa-managed-entries b/install/tools/ipa-managed-entries
index 1c8f3f773..691811ed9 100755
--- a/install/tools/ipa-managed-entries
+++ b/install/tools/ipa-managed-entries
@@ -87,7 +87,8 @@ def main():
     conn = None
     try:
         filter = '(objectClass=extensibleObject)'
-        conn = ipaldap.IPAdmin(host, 636, cacert=CACERT)
+        ldap_uri = ipaldap.get_ldap_uri(host, 636, cacert=CACERT)
+        conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT)
 
         if options.dirman_password:
             try:
diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage
index 2ec09a633..5abc1d582 100755
--- a/install/tools/ipa-replica-manage
+++ b/install/tools/ipa-replica-manage
@@ -167,7 +167,8 @@ def list_replicas(realm, host, replica, dirman_passwd, verbose, nolookup=False):
     peers = {}
 
     try:
-        conn = ipaldap.IPAdmin(host, 636, cacert=CACERT)
+        ldap_uri = ipaldap.get_ldap_uri(host, 636, cacert=CACERT)
+        conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT)
         if dirman_passwd:
             conn.simple_bind(bind_dn=ipaldap.DIRMAN_DN,
                              bind_password=dirman_passwd)
@@ -627,7 +628,8 @@ def clean_dangling_ruvs(realm, host, options):
     Cleans all RUVs and CS-RUVs that are left in the system from
     uninstalled replicas
     """
-    conn = ipaldap.IPAdmin(host, 636, cacert=CACERT)
+    ldap_uri = ipaldap.get_ldap_uri(host, 636, cacert=CACERT)
+    conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT)
     try:
         conn.simple_bind(bind_dn=ipaldap.DIRMAN_DN,
                          bind_password=options.dirman_passwd)
@@ -674,7 +676,8 @@ def clean_dangling_ruvs(realm, host, options):
     offlines = set()
     for master_cn, master_info in info.items():
         try:
-            conn = ipaldap.IPAdmin(master_cn, 636, cacert=CACERT)
+            ldap_uri = ipaldap.get_ldap_uri(master_cn, 636, cacert=CACERT)
+            conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT)
             conn.simple_bind(bind_dn=ipaldap.DIRMAN_DN,
                              bind_password=options.dirman_passwd)
             master_info['online'] = True
diff --git a/install/tools/ipactl b/install/tools/ipactl
index 354209310..13a1a272c 100755
--- a/install/tools/ipactl
+++ b/install/tools/ipactl
@@ -30,7 +30,7 @@ from ipaserver.install import service, installutils
 from ipaserver.install.dsinstance import config_dirname
 from ipaserver.install.installutils import is_ipa_configured, ScriptError
 from ipalib import api, errors
-from ipapython.ipaldap import IPAdmin
+from ipapython.ipaldap import LDAPClient
 from ipapython.ipautil import (
     wait_for_open_ports, wait_for_open_socket, is_fips_enabled)
 from ipapython import config
@@ -165,7 +165,7 @@ def get_config(dirsrv):
         else:
             (host, port) = lurl.hostport.split(':')
             wait_for_open_ports(host, [int(port)], timeout=api.env.startup_timeout)
-        con = IPAdmin(ldap_uri=api.env.ldap_uri)
+        con = LDAPClient(api.env.ldap_uri)
         con.external_bind()
         res = con.get_entries(
             base,
author	Tomas Krizek <tkrizek@redhat.com>	2016-11-01 14:52:33 +0100
committer	Martin Basti <mbasti@redhat.com>	2016-11-07 11:34:03 +0100
commit	5b81dbfda1e4f0799d4ce87e9987a896af3ff299 (patch)
tree	bf0b256dec17a5e9ca7bacb414488cb0436aba49 /install
parent	4f1a6a177666c475156f496d3f7719b37e66a7b0 (diff)