ipaldap: merge IPAdmin to LDAPClient

* move IPAdmin methods to LDAPClient * add extra arguments (cacert, sasl_nocanon) to LDAPClient.__init__() * add host, port, _protocol to LDAPClient (parsed from ldap_uri) * create get_ldap_uri() method to create ldap_uri from former IPAdmin.__init__() arguments * replace IPAdmin with LDAPClient + get_ldap_uri() * remove ununsed function argument hostname from enable_replication_version_checking() https://fedorahosted.org/freeipa/ticket/6461 Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com>
2025-02-25 18:55:28 -06:00 · 2016-11-01 14:52:33 +01:00
parent 4f1a6a1776
commit 5b81dbfda1
26 changed files with 187 additions and 210 deletions
--- a/install/tools/ipa-csreplica-manage
+++ b/install/tools/ipa-csreplica-manage
@@ -93,7 +93,8 @@ def list_replicas(realm, host, replica, dirman_passwd, verbose):

    try:
        # connect to main IPA LDAP server
-        conn = ipaldap.IPAdmin(host, 636, cacert=CACERT)
+        ldap_uri = ipaldap.get_ldap_uri(host, 636, cacert=CACERT)
+        conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT)
        conn.simple_bind(bind_dn=ipaldap.DIRMAN_DN,
                         bind_password=dirman_passwd)

@@ -295,7 +296,8 @@ def add_link(realm, replica1, replica2, dirman_passwd, options):
    except Exception as e:
        sys.exit(str(e))
    try:
-        conn = ipaldap.IPAdmin(replica2, 636, cacert=CACERT)
+        ldap_uri = ipaldap.get_ldap_uri(replica2, 636, cacert=CACERT)
+        conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT)
        conn.simple_bind(bind_dn=ipaldap.DIRMAN_DN,
                         bind_password=dirman_passwd)

--- a/install/tools/ipa-httpd-kdcproxy
+++ b/install/tools/ipa-httpd-kdcproxy
@@ -29,7 +29,7 @@ import sys

 from ipalib import api, errors
 from ipapython.ipa_log_manager import standard_logging_setup
-from ipapython.ipaldap import IPAdmin
+from ipapython.ipaldap import LDAPClient
 from ipapython.dn import DN
 from ipaplatform.paths import paths

@@ -78,9 +78,7 @@ class KDCProxyConfig(object):
        """Establish LDAP connection"""
        self.log.debug('ldap_uri: %s', self.ldap_uri)
        try:
-            self.con = IPAdmin(ldap_uri=self.ldap_uri)
-            # EXTERNAL bind as root user
-            self.con.ldapi = True
+            self.con = LDAPClient(self.ldap_uri)
            self.con.do_bind()
        except (errors.NetworkError, socket.timeout) as e:
            msg = 'Unable to connect to dirsrv: %s' % e
@@ -94,7 +92,7 @@ class KDCProxyConfig(object):
            self.log.exception(msg)
            raise FatalError(msg)

-    def _find_entry(self, dn, attrs, filter, scope=IPAdmin.SCOPE_BASE):
+    def _find_entry(self, dn, attrs, filter, scope=LDAPClient.SCOPE_BASE):
        """Find an LDAP entry, handles NotFound and Limit"""
        try:
            entries = self.con.get_entries(
--- a/install/tools/ipa-managed-entries
+++ b/install/tools/ipa-managed-entries
@@ -87,7 +87,8 @@ def main():
    conn = None
    try:
        filter = '(objectClass=extensibleObject)'
-        conn = ipaldap.IPAdmin(host, 636, cacert=CACERT)
+        ldap_uri = ipaldap.get_ldap_uri(host, 636, cacert=CACERT)
+        conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT)

        if options.dirman_password:
            try:
--- a/install/tools/ipa-replica-manage
+++ b/install/tools/ipa-replica-manage
@@ -167,7 +167,8 @@ def list_replicas(realm, host, replica, dirman_passwd, verbose, nolookup=False):
    peers = {}

    try:
-        conn = ipaldap.IPAdmin(host, 636, cacert=CACERT)
+        ldap_uri = ipaldap.get_ldap_uri(host, 636, cacert=CACERT)
+        conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT)
        if dirman_passwd:
            conn.simple_bind(bind_dn=ipaldap.DIRMAN_DN,
                             bind_password=dirman_passwd)
@@ -627,7 +628,8 @@ def clean_dangling_ruvs(realm, host, options):
    Cleans all RUVs and CS-RUVs that are left in the system from
    uninstalled replicas
    """
-    conn = ipaldap.IPAdmin(host, 636, cacert=CACERT)
+    ldap_uri = ipaldap.get_ldap_uri(host, 636, cacert=CACERT)
+    conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT)
    try:
        conn.simple_bind(bind_dn=ipaldap.DIRMAN_DN,
                         bind_password=options.dirman_passwd)
@@ -674,7 +676,8 @@ def clean_dangling_ruvs(realm, host, options):
    offlines = set()
    for master_cn, master_info in info.items():
        try:
-            conn = ipaldap.IPAdmin(master_cn, 636, cacert=CACERT)
+            ldap_uri = ipaldap.get_ldap_uri(master_cn, 636, cacert=CACERT)
+            conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT)
            conn.simple_bind(bind_dn=ipaldap.DIRMAN_DN,
                             bind_password=options.dirman_passwd)
            master_info['online'] = True
--- a/install/tools/ipactl
+++ b/install/tools/ipactl
@@ -30,7 +30,7 @@ from ipaserver.install import service, installutils
 from ipaserver.install.dsinstance import config_dirname
 from ipaserver.install.installutils import is_ipa_configured, ScriptError
 from ipalib import api, errors
-from ipapython.ipaldap import IPAdmin
+from ipapython.ipaldap import LDAPClient
 from ipapython.ipautil import (
    wait_for_open_ports, wait_for_open_socket, is_fips_enabled)
 from ipapython import config
@@ -165,7 +165,7 @@ def get_config(dirsrv):
        else:
            (host, port) = lurl.hostport.split(':')
            wait_for_open_ports(host, [int(port)], timeout=api.env.startup_timeout)
-        con = IPAdmin(ldap_uri=api.env.ldap_uri)
+        con = LDAPClient(api.env.ldap_uri)
        con.external_bind()
        res = con.get_entries(
            base,