Got new ldap connection working using Connectible.connect()

2025-02-25 18:55:28 -06:00 · 2009-01-28 16:12:49 -07:00
parent 231f0bd65a
commit a0aebd46a1
9 changed files with 48 additions and 38 deletions
--- a/ipalib/backend.py
+++ b/ipalib/backend.py
@@ -98,9 +98,9 @@ class Executioner(Backend):

    def create_context(self, ccache=None, client_ip=None):
        if self.env.in_server:
-            self.Backend.ldap.connect(ccache=ccache)
+            self.Backend.ldap.connect(ccache)
        else:
-            self.Backend.xmlclient.connect(ccache=ccache)
+            self.Backend.xmlclient.connect()

    def execute(self, name, *args, **options):
        error = None
--- a/ipalib/cli.py
+++ b/ipalib/cli.py
@@ -406,7 +406,7 @@ class help(frontend.Command):
        super(help, self).finalize()

    def run(self, key):
-        textui = self.Backend.textui
+
        if key is None:
            self.print_commands()
            return
@@ -529,13 +529,16 @@ class cli(backend.Executioner):
        if len(argv) == 0:
            self.Command.help()
            return
+        self.create_context()
        (key, argv) = (argv[0], argv[1:])
-        cmd = self.get_command(key)
+        name = from_cli(key)
+        if name not in self.Command:
+            raise CommandError(name=key)
+        cmd = self.Command[name]
        kw = self.parse(cmd, argv)
        if self.env.interactive:
            self.prompt_interactively(cmd, kw)
-        self.create_context()
-        result = cmd(**kw)
+        result = self.execute(name, **kw)
        if callable(cmd.output_for_cli):
            for param in cmd.params():
                if param.password and param.name in kw:
@@ -543,12 +546,6 @@ class cli(backend.Executioner):
            (args, options) = cmd.params_2_args_options(**kw)
            cmd.output_for_cli(self.api.Backend.textui, result, *args, **options)

-    def get_command(self, key):
-        name = from_cli(key)
-        if name not in self.Command:
-            raise CommandError(name=key)
-        return self.Command[name]
-
    def parse(self, cmd, argv):
        parser = self.build_parser(cmd)
        (collector, args) = parser.parse_args(argv, Collector())
--- a/ipalib/frontend.py
+++ b/ipalib/frontend.py
@@ -95,14 +95,14 @@ class Command(plugable.Plugin):
        XML-RPC and the executed an the nearest IPA server.
        """
        params = self.args_options_2_params(*args, **options)
-        self.info(
+        self.debug(
            'raw: %s(%s)', self.name, ', '.join(self._repr_iter(**params))
        )
        params = self.normalize(**params)
        params = self.convert(**params)
        params.update(self.get_default(**params))
        self.info(
-            'processed: %s(%s)', self.name, ', '.join(self._repr_iter(**params))
+            '%s(%s)', self.name, ', '.join(self._repr_iter(**params))
        )
        self.validate(**params)
        (args, options) = self.params_2_args_options(**params)
--- a/ipalib/rpc.py
+++ b/ipalib/rpc.py
@@ -217,11 +217,10 @@ class xmlclient(Connectible):
        self.__errors = dict((e.errno, e) for e in public_errors)

    def create_connection(self, ccache=None):
-        return ServerProxy(self.env.xmlrpc_uri,
-            #transport=KerbTransport(),
-            allow_none=True,
-            encoding='UTF-8',
-        )
+        kw = dict(allow_none=True, encoding='UTF-8')
+        if self.env.xmlrpc_uri.startswith('https://'):
+            kw['transport'] = KerbTransport()
+        return ServerProxy(self.env.xmlrpc_uri, **kw)

    def destroy_connection(self):
        pass
@@ -241,6 +240,7 @@ class xmlclient(Connectible):
            raise ValueError(
                '%s.forward(): %r not in api.Command' % (self.name, name)
            )
+        self.info('Forwarding %r to %r', name, self.env.xmlrpc_uri)
        command = getattr(self.conn, name)
        params = args + (kw,)
        try:
--- a/ipaserver/plugins/b_ldap.py
+++ b/ipaserver/plugins/b_ldap.py
@@ -28,8 +28,8 @@ import ldap as _ldap
 from ipalib import api
 from ipalib import errors
 from ipalib.crud import CrudBackend
-from ipaserver import servercore
-from ipaserver import ipaldap
+from ipaserver import servercore, ipaldap
+import krbV


 class ldap(CrudBackend):
@@ -41,11 +41,16 @@ class ldap(CrudBackend):
        self.dn = _ldap.dn
        super(ldap, self).__init__()

-    def create_connection(self, ccache=None):
-        return 'The LDAP connection.'
+    def create_connection(self, ccache):
+        conn = ipaldap.IPAdmin(self.env.ldap_host, self.env.ldap_port)
+        principle = krbV.CCache(
+            name=ccache, context=krbV.default_context()
+        ).principal().name
+        conn.set_krbccache(ccache, principle)
+        return conn

    def destroy_connection(self):
-        pass
+        self.conn.unbind_s()

    def make_user_dn(self, uid):
        """
--- a/ipaserver/plugins/b_ra.py
+++ b/ipaserver/plugins/b_ra.py
@@ -338,7 +338,7 @@ class ra(Backend):

    def __get_ca_chain(self):
        headers = {"Content-type": "application/x-www-form-urlencoded"}
-        conn = httplib.HTTPConnection(self.ca_host+":"+self.ca_port)
+        conn = httplib.HTTPConnection(self.ca_host, self.ca_port)
        conn.request("POST", "/ca/ee/ca/getCertChain", None, headers)
        response = conn.getresponse()
        api.log.debug("IPA-RA: response.status: %d  response.reason: '%s'" % (response.status, response.reason))
--- a/ipaserver/rpcserver.py
+++ b/ipaserver/rpcserver.py
@@ -46,11 +46,12 @@ class xmlserver(Executioner):
    Also see the `ipalib.rpc.xmlclient` plugin.
    """

-    def marshaled_dispatch(self, data):
+    def marshaled_dispatch(self, data, ccache):
        """
        Execute the XML-RPC request in contained in ``data``.
        """
        try:
+            self.create_context(ccache=ccache)
            (params, name) = xml_loads(data)
            (args, options) = params_2_args_options(params)
            response = (self.execute(name, *args, **options),)
--- a/ipaserver/servercore.py
+++ b/ipaserver/servercore.py
@@ -20,7 +20,7 @@
 import ldap
 import string
 import re
-from ipaserver.context import context
+from ipalib.request import context
 from ipaserver import ipaldap
 import ipautil
 from ipalib import errors
@@ -86,7 +86,7 @@ def get_entry (base, scope, searchfilter, sattrs=None):
    """
    ent=""

-    ent = context.conn.getConn().getEntry(base, scope, searchfilter, sattrs)
+    ent = context.ldap.conn.getEntry(base, scope, searchfilter, sattrs)

    return convert_entry(ent)

@@ -117,7 +117,7 @@ def get_list (base, searchfilter, sattrs=None, scope=ldap.SCOPE_SUBTREE):
    """
    entries = []

-    entries = context.conn.getConn().getList(base, scope, searchfilter, sattrs)
+    entries = context.ldap.conn.getList(base, scope, searchfilter, sattrs)

    return map(convert_entry, entries)

@@ -252,22 +252,22 @@ def update_entry (entry, remove_keys=[]):
        # FIXME: return a missing DN error message
        raise e

-    return context.conn.getConn().updateEntry(moddn, oldentry, newentry)
+    return context.ldap.conn.updateEntry(moddn, oldentry, newentry)

 def add_entry(entry):
    """Add a new entry"""
-    return context.conn.getConn().addEntry(entry)
+    return context.ldap.conn.addEntry(entry)

 def delete_entry(dn):
    """Remove an entry"""
-    return context.conn.getConn().deleteEntry(dn)
+    return context.ldap.conn.deleteEntry(dn)

 # FIXME, get time and search limit from cn=ipaconfig
 def search(base, filter, attributes, timelimit=1, sizelimit=3000):
    """Perform an LDAP query"""
    try:
        timelimit = float(timelimit)
-        results = context.conn.getConn().getListAsync(base, ldap.SCOPE_SUBTREE,
+        results = context.ldap.conn.getListAsync(base, ldap.SCOPE_SUBTREE,
            filter, attributes, 0, None, None, timelimit, sizelimit)
    except ldap.NO_SUCH_OBJECT:
        raise errors.NotFound
@@ -322,7 +322,7 @@ def get_ipa_config():
    return config

 def modify_password(dn, oldpass, newpass):
-    return context.conn.getConn().modifyPassword(dn, oldpass, newpass)
+    return context.ldap.conn.modifyPassword(dn, oldpass, newpass)

 def mark_entry_active (dn):
    """Mark an entry as active in LDAP."""
--- a/lite-xmlrpc.py
+++ b/lite-xmlrpc.py
@@ -25,11 +25,9 @@ In-tree XML-RPC server using SimpleXMLRPCServer.

 import sys
 from SimpleXMLRPCServer import SimpleXMLRPCServer
+import krbV
 from ipalib import api

-api.bootstrap_with_global_options(context='server')
-api.finalize()
-

 class Instance(object):
    """
@@ -52,13 +50,22 @@ class Server(SimpleXMLRPCServer):
        """
        Use `ipaserver.rpcserver.xmlserver.marshaled_dispatch()`.
        """
-        return api.Backend.xmlserver.marshaled_dispatch(data)
+        try:
+            ccache=krbV.default_context().default_ccache().name
+            return api.Backend.xmlserver.marshaled_dispatch(data, ccache)
+        except Exception, e:
+            api.log.exception('Error caught by lite-xmlrpc.py...')
+            raise e


+api.bootstrap_with_global_options(context='server')
+api.finalize()
+
 kw = dict(logRequests=False)
 if sys.version_info[:2] != (2, 4):
    kw.update(dict(encoding='UTF-8', allow_none=True))
 server = Server(('', api.env.lite_xmlrpc_port), **kw)
+
 api.log.info('Logging to file %r', api.env.log)
 api.log.info('Listening on port %d', api.env.lite_xmlrpc_port)
 server.register_introspection_functions()