IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Add a function for formatting network locations of the form host:port for use in URLs.

Browse Source 
If the host part is a literal IPv6 address, it must be enclosed in square
brackets (RFC 2732).

ticket 1869
This commit is contained in:
Jan Cholasta
2011-09-30 10:09:55 +02:00
committed by Martin Kosek
parent a16b5b4c00
commit 12bfed37d4
15 changed files with 59 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ipaserver/install/bindinstance.py
View File

@@ -96,7 +96,7 @@ def dns_container_exists(fqdn, suffix):
return True
try:
server = ldap.initialize("ldap://" + fqdn)
server = ldap.initialize("ldap://" + ipautil.format_netloc(fqdn))
server.simple_bind_s()
except ldap.SERVER_DOWN:
raise RuntimeError('LDAP server on %s is not responding. Is IPA installed?' % fqdn)

10
ipaserver/install/cainstance.py
View File

@@ -663,7 +663,7 @@ class CAInstance(service.Service):
args.append("-clone_start_tls")
args.append("true")
args.append("-clone_uri")
args.append("https://%s:%d" % (self.master_host, 443))
args.append("https://%s" % ipautil.format_netloc(self.master_host, 443))
else:
args.append("-clone")
args.append("false")
@@ -747,7 +747,7 @@ class CAInstance(service.Service):
'-p', self.admin_password,
'-d', self.ca_agent_db,
'-r', '/ca/agent/ca/profileReview?requestId=%s' % self.requestId,
'%s:%d' % (self.fqdn, AGENT_SECURE_PORT),
'%s' % ipautil.format_netloc(self.fqdn, AGENT_SECURE_PORT),
]
(stdout, stderr, returncode) = ipautil.run(args, nolog=(self.admin_password,))
@@ -767,7 +767,7 @@ class CAInstance(service.Service):
'-d', self.ca_agent_db,
'-e', params,
'-r', '/ca/agent/ca/profileProcess',
'%s:%d' % (self.fqdn, AGENT_SECURE_PORT),
'%s' % ipautil.format_netloc(self.fqdn, AGENT_SECURE_PORT),
]
(stdout, stderr, returncode) = ipautil.run(args, nolog=(self.admin_password,))
@@ -810,7 +810,7 @@ class CAInstance(service.Service):
# Create an RA user in the CA LDAP server and add that user to
# the appropriate groups so it can issue certificates without
# manual intervention.
ld = ldap.initialize("ldap://%s:%d" % (self.fqdn, self.ds_port))
ld = ldap.initialize("ldap://%s" % ipautil.format_netloc(self.fqdn, self.ds_port))
ld.protocol_version=ldap.VERSION3
ld.simple_bind_s("cn=Directory Manager", self.dm_password)
@@ -1035,7 +1035,7 @@ class CAInstance(service.Service):
installutils.set_directive(caconfig, 'ca.publish.rule.instance.LdapXCertRule.enable', 'false', quotes=False, separator='=')
# Fix the CRL URI in the profile
installutils.set_directive('/var/lib/%s/profiles/ca/caIPAserviceCert.cfg' % PKI_INSTANCE_NAME, 'policyset.serverCertSet.9.default.params.crlDistPointsPointName_0', 'https://%s/ipa/crl/MasterCRL.bin' % self.fqdn, quotes=False, separator='=')
installutils.set_directive('/var/lib/%s/profiles/ca/caIPAserviceCert.cfg' % PKI_INSTANCE_NAME, 'policyset.serverCertSet.9.default.params.crlDistPointsPointName_0', 'https://%s/ipa/crl/MasterCRL.bin' % ipautil.format_netloc(self.fqdn), quotes=False, separator='=')
ipaservices.restore_context(publishdir)

2
ipaserver/install/dsinstance.py
View File

@@ -112,7 +112,7 @@ def is_ds_running():
def has_managed_entries(host_name, dm_password):
"""Check to see if the Managed Entries plugin is available"""
ldapuri = 'ldap://%s' % host_name
ldapuri = 'ldap://%s' % ipautil.format_netloc(host_name)
conn = None
try:
conn = ldap2(shared_instance=False, ldap_uri=ldapuri, base_dn='cn=config')

6
ipaserver/install/replication.py
View File

@@ -319,7 +319,7 @@ class ReplicationManager(object):
return cn
def to_ldap_url(self, conn):
return "ldap://%s:%d/" % (conn.host, conn.port)
return "ldap://%s/" % ipautil.format_netloc(conn.host, conn.port)
def setup_chaining_farm(self, conn):
try:
@@ -544,7 +544,7 @@ class ReplicationManager(object):
dn = 'cn=%s,cn=mapping tree,cn=config' % esc1_suffix
# TODO: should we detect proto/port somehow ?
mod = [(ldap.MOD_DELETE, 'nsslapd-referral',
'ldap://%s:389/%s' % (hostname, esc2_suffix))]
'ldap://%s/%s' % (ipautil.format_netloc(hostname, 389), esc2_suffix))]
try:
self.conn.modify_s(dn, mod)
@@ -700,7 +700,7 @@ class ReplicationManager(object):
self.ad_suffix = ""
try:
# Validate AD connection
ad_conn = ldap.initialize('ldap://%s' % ad_dc_name)
ad_conn = ldap.initialize('ldap://%s' % ipautil.format_netloc(ad_dc_name))
#the next one is to workaround bugs arounf opendalp libs+NSS db
ad_conn.set_option(ldap.OPT_X_TLS_NEWCTX, 0)
ad_conn.set_option(ldap.OPT_X_TLS_CACERTFILE, cacert)

7
ipaserver/ipaldap.py
View File

@@ -34,6 +34,7 @@ from ldap.controls import LDAPControl,DecodeControlTuples,EncodeControlTuples
from ldap.ldapobject import SimpleLDAPObject
from ipaserver import ipautil
from ipalib import errors
from ipapython.ipautil import format_netloc
# Global variable to define SASL auth
SASL_AUTH = ldap.sasl.sasl({},'GSSAPI')
@@ -215,12 +216,12 @@ class IPAdmin(SimpleLDAPObject):
its own encryption.
"""
if self.cacert is not None:
SimpleLDAPObject.__init__(self,'ldaps://%s:%d' % (self.host,self.port))
SimpleLDAPObject.__init__(self,'ldaps://%s' % format_netloc(self.host, self.port))
else:
if self.ldapi:
SimpleLDAPObject.__init__(self,'ldapi://%%2fvar%%2frun%%2fslapd-%s.socket' % "-".join(self.realm.split(".")))
else:
SimpleLDAPObject.__init__(self,'ldap://%s:%d' % (self.host,self.port))
SimpleLDAPObject.__init__(self,'ldap://%s' % format_netloc(self.host, self.port))
def __init__(self,host='',port=389,cacert=None,bindcert=None,bindkey=None,proxydn=None,debug=None,ldapi=False,realm=None):
"""We just set our instance variables and wrap the methods - the real
@@ -330,7 +331,7 @@ class IPAdmin(SimpleLDAPObject):
raise errors.DatabaseError(desc=desc,info=info)
def toLDAPURL(self):
return "ldap://%s:%d/" % (self.host,self.port)
return "ldap://%s/" % format_netloc(self.host, self.port)
def set_proxydn(self, proxydn):
self.proxydn = proxydn