Change the way we determine if the host has a password set.

When creating a host with a password we don't set a Kerberos principal or add the Kerberos objectclasses. Those get added when the host is enrolled. If one passed in --password= (so no password) then we incorrectly thought the user was in fact setting a password, so the principal and objectclasses weren't updated. https://fedorahosted.org/freeipa/ticket/4102
2025-02-25 18:55:28 -06:00 · 2014-01-14 14:23:47 -05:00
parent 689382dc83
commit 0070c0feda
2 changed files with 28 additions and 1 deletions
--- a/ipalib/plugins/host.py
+++ b/ipalib/plugins/host.py
@@ -424,7 +424,7 @@ class host_add(LDAPCreate):
            entry_attrs['l'] = entry_attrs['locality']
        entry_attrs['cn'] = keys[-1]
        entry_attrs['serverhostname'] = keys[-1].split('.', 1)[0]
-        if 'userpassword' not in entry_attrs and not options.get('random', False):
+        if not entry_attrs.get('userpassword', False) and not options.get('random', False):
            entry_attrs['krbprincipalname'] = 'host/%s@%s' % (
                keys[-1], self.api.env.realm
            )
--- a/ipatests/test_xmlrpc/test_host_plugin.py
+++ b/ipatests/test_xmlrpc/test_host_plugin.py
@@ -863,6 +863,33 @@ class test_host(Declarative):
            ),
        ),
        dict(
            desc='Create a host with a NULL password',
            command=('host_add', [fqdn3],
                dict(
                    description=u'Test host 3',
                    force=True,
                    userpassword=None,
                ),
            ),
            expected=dict(
                value=fqdn3,
                summary=u'Added host "%s"' % fqdn3,
                result=dict(
                    dn=dn3,
                    fqdn=[fqdn3],
                    description=[u'Test host 3'],
                    krbprincipalname=[u'host/%s@%s' % (fqdn3, api.env.realm)],
                    objectclass=objectclasses.host,
                    ipauniqueid=[fuzzy_uuid],
                    managedby_host=[u'%s' % fqdn3],
                    has_keytab=False,
                    has_password=False,
                ),
            ),
        ),
    ]
 class test_host_false_pwd_change(XMLRPC_test):