diff options
author | Petr Viktorin <pviktori@redhat.com> | 2013-01-29 12:01:36 -0500 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2013-03-01 16:59:46 +0100 |
commit | 1ee66ffe03a0616c65215bc751a7ef6e674780ef (patch) | |
tree | 8f9dc76aff6ef848dcc89b3a04b10d8dcdfb7ea2 /ipaserver/dcerpc.py | |
parent | f9f6cd6e3a907f3bb205f5121727f4f94acfeaef (diff) | |
download | freeipa-1ee66ffe03a0616c65215bc751a7ef6e674780ef.tar.gz freeipa-1ee66ffe03a0616c65215bc751a7ef6e674780ef.tar.xz freeipa-1ee66ffe03a0616c65215bc751a7ef6e674780ef.zip |
Remove IPAdmin.sasl_interactive_bind_s
Also, rename remaining uses of SASL_AUTH to SASL_GSSAPI to better
reflect what it is.
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
Diffstat (limited to 'ipaserver/dcerpc.py')
-rw-r--r-- | ipaserver/dcerpc.py | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py index 140e26f77..a0c6e6919 100644 --- a/ipaserver/dcerpc.py +++ b/ipaserver/dcerpc.py @@ -441,15 +441,12 @@ class DomainValidator(object): if auth: (ccache_name, principal) = self.__kinit_as_trusted_account(info, auth) if ccache_name: - cb_info = dict() - # pass empty dict, SASL GSSAPI is able to get all from the ccache - sasl_auth = _ldap.sasl.sasl(cb_info,'GSSAPI') old_ccache = os.environ.get('KRB5CCNAME') os.environ["KRB5CCNAME"] = ccache_name # OPT_X_SASL_NOCANON is used to avoid hard requirement for PTR # records pointing back to the same host name conn.set_option(_ldap.OPT_X_SASL_NOCANON, _ldap.OPT_ON) - conn.sasl_interactive_bind_s(None, sasl_auth) + conn.do_sasl_gssapi_bind() if basedn is None: # Use domain root base DN basedn = DN(*map(lambda p: ('dc', p), info['dns_domain'].split('.'))) |