IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-11 00:31:56 -06:00
Code Issues Packages Projects Releases Wiki Activity

Change the way we determine if the host has a password set.

Browse Source 
When creating a host with a password we don't set a Kerberos
principal or add the Kerberos objectclasses. Those get added when the
host is enrolled. If one passed in --password= (so no password) then
we incorrectly thought the user was in fact setting a password, so the
principal and objectclasses weren't updated.

https://fedorahosted.org/freeipa/ticket/4102
This commit is contained in:
Rob Crittenden 2014-01-14 14:23:47 -05:00 committed by Martin Kosek
parent 689382dc83
commit 0070c0feda
2 changed files with 28 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ipalib/plugins/host.py
View File

@ -424,7 +424,7 @@ class host_add(LDAPCreate):
entry_attrs['l'] = entry_attrs['locality']
entry_attrs['cn'] = keys[-1]
entry_attrs['serverhostname'] = keys[-1].split('.', 1)[0]
if 'userpassword' not in entry_attrs and not options.get('random', False):
if not entry_attrs.get('userpassword', False) and not options.get('random', False):
entry_attrs['krbprincipalname'] = 'host/%s@%s' % (
keys[-1], self.api.env.realm
)

27
ipatests/test_xmlrpc/test_host_plugin.py
View File

@ -863,6 +863,33 @@ class test_host(Declarative):
),
),
dict(
desc='Create a host with a NULL password',
command=('host_add', [fqdn3],
dict(
description=u'Test host 3',
force=True,
userpassword=None,
),
),
expected=dict(
value=fqdn3,
summary=u'Added host "%s"' % fqdn3,
result=dict(
dn=dn3,
fqdn=[fqdn3],
description=[u'Test host 3'],
krbprincipalname=[u'host/%s@%s' % (fqdn3, api.env.realm)],
objectclass=objectclasses.host,
ipauniqueid=[fuzzy_uuid],
managedby_host=[u'%s' % fqdn3],
has_keytab=False,
has_password=False,
),
),
),
]
class test_host_false_pwd_change(XMLRPC_test):