| author | Petr Viktorin <pviktori@redhat.com> | 2016-02-29 13:55:07 +0100 |
|---|---|---|
| committer | Jan Cholasta <jcholast@redhat.com> | 2016-03-03 10:31:55 +0100 |
| commit | 8df86d5bffdccd4f9e4d16fbd439f23903ec25af (patch) | |
| tree | 45dd47275fe1fd8b2859b4124f54feaef5c9ecd7 /ipaclient | |
| parent | 3c57c305add17b95d4fb962efd9e5dfc9bd35efe (diff) | |
Move get_ipa_basedn from ipautil to ipadiscovery
The function wasn't used anywhere else.
Part of the work for https://fedorahosted.org/freeipa/ticket/5638
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'ipaclient')
| -rw-r--r-- | ipaclient/ipadiscovery.py | 45 |
1 files changed, 44 insertions, 1 deletions
diff --git a/ipaclient/ipadiscovery.py b/ipaclient/ipadiscovery.py
index 772add43a..bf82eac3a 100644
--- a/ipaclient/ipadiscovery.py
+++ b/ipaclient/ipadiscovery.py
@@ -25,7 +25,7 @@ from dns.exception import DNSException
 from ipalib import errors
 from ipapython import ipaldap
 from ipaplatform.paths import paths
-from ipapython.ipautil import valid_ip, get_ipa_basedn, realm_to_suffix
+from ipapython.ipautil import valid_ip, realm_to_suffix
 from ipapython.dn import DN
 NOT_FQDN = -1
@@ -37,6 +37,8 @@ NO_TLS_LDAP = -6
 BAD_HOST_CONFIG = -10
 UNKNOWN_ERROR = -15
+IPA_BASEDN_INFO = 'ipa v2.0'
+
 error_names = {
 0: 'Success',
 NOT_FQDN: 'NOT_FQDN',
@@ -49,6 +51,47 @@ error_names = {
 UNKNOWN_ERROR: 'UNKNOWN_ERROR',
 }
+def get_ipa_basedn(conn):
+ """
+ Get base DN of IPA suffix in given LDAP server.
+
+ None is returned if the suffix is not found
+
+ :param conn: Bound LDAPClient that will be used for searching
+ """
+ entry = conn.get_entry(
+ DN(), attrs_list=['defaultnamingcontext', 'namingcontexts'])
+
+ # FIXME: import ipalib here to prevent import loops
+ from ipalib import errors
+
+ contexts = entry['namingcontexts']
+ if 'defaultnamingcontext' in entry:
+ # If there is a defaultNamingContext examine that one first
+ default = entry.single_value['defaultnamingcontext']
+ if default in contexts:
+ contexts.remove(default)
+ contexts.insert(0, default)
+ for context in contexts:
+ root_logger.debug("Check if naming context '%s' is for IPA" % context)
+ try:
+ [entry] = conn.get_entries(
+ DN(context), conn.SCOPE_BASE, "(info=IPA*)")
+ except errors.NotFound:
+ root_logger.debug("LDAP server did not return info attribute to "
+ "check for IPA version")
+ continue
+ info = entry.single_value['info'].lower()
+ if info != IPA_BASEDN_INFO:
+ root_logger.debug("Detected IPA server version (%s) did not match the client (%s)" \
+ % (info, IPA_BASEDN_INFO))
+ continue
+ root_logger.debug("Naming context '%s' is a valid IPA context" % context)
+ return DN(context)
+
+ return None
+
+
 class IPADiscovery(object):
 def __init__(self): |
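Review bot: `contexts = entry['namingcontexts']` in get_ipa_basedn indexes the root DSE reply without checking that the attribute is present, although the next statement does guard `defaultnamingcontext` with `in`. A server that omits namingContexts would presumably surface as a KeyError rather than the `None` the docstring promises. Discovery code typically talks to a server it has not yet verified, so I would add `if 'namingcontexts' not in entry: return None` before that line. Separately, the `# FIXME: import ipalib here to prevent import loops` comment and the function-local `from ipalib import errors` look stale after the move, because this module already imports `errors` at the top (visible as context in the first hunk); both lines can be dropped.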
