Finish removing previous code to fetch keytabs

Simo Sorce 2007-12-21 12:31:31 -05:00
parent 84c758153f
commit a9e4e5a1e2
4 changed files with 1 additions and 66 deletions


@ -238,7 +238,6 @@ AC_CONFIG_FILES([
ipa-slapi-plugins/ipa-pwd-extop/Makefile
xmlrpc-server/Makefile
xmlrpc-server/test/Makefile
ipa-keytab-util/Makefile
])
AC_OUTPUT


@ -125,28 +125,6 @@ class PrincipalController(IPAController):
return dict(principals=principals, hostname=hostname, fields=ipagui.forms.principal.PrincipalFields())
@expose()
@identity.require(identity.not_anonymous())
def show(self, **kw):
"""Returns the keytab for a given principal"""
client = self.get_ipaclient()
principal = kw.get('principal')
if principal != None and len(principal) > 0:
try:
p = principal.split('@')
keytab = client.get_keytab(p[0].encode('utf-8'))
cherrypy.response.headers['Content-Type'] = "application/x-download"
cherrypy.response.headers['Content-Disposition'] = 'attachment; filename=krb5.keytab'
cherrypy.response.headers['Content-Length'] = len(keytab)
cherrypy.response.body = keytab
return cherrypy.response.body
except ipaerror.IPAError, e:
turbogears.flash("keytab retrieval failed: " + str(e) + "<br/>" + e.detail[0]['desc'])
raise turbogears.redirect("/principal/list")
raise turbogears.redirect("/principal/list")
@validate(form=principal_new_form)
@identity.require(identity.not_anonymous())
def principalcreatevalidate(self, tg_errors=None, **kw):


@ -16,14 +16,6 @@
<script type="text/javascript">
document.getElementById("hostname").focus();
</script>
<script type="text/javascript">
function confirmDownload() {
if (confirm("Are you sure you want to download this principal? It will reset the secret, invalidating any existing keytabs")) {
return true;
}
return false;
}
</script>
</div>
<div py:if='(principals != None) and (len(principals) > 0)'>
<h2>${len(principals)} results returned:</h2>
@ -41,8 +33,7 @@
<tbody>
<tr py:for="principal in principals">
<td>
<a href="${tg.url('/principal/show',principal=principal.krbprincipalname)}" onclick="return confirmDownload();"
>${principal.hostname}</a>
${principal.hostname}
</td>
<td>
${principal.service}


@ -1785,39 +1785,6 @@ class IPAServer:
return entries
def get_keytab(self, name, opts=None):
"""Return a keytab for an existing service principal. Note that
this increments the secret thus invalidating any older keys."""
if not name:
raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER)
princ_name = name + "@" + self.realm
conn = self.getConnection(opts)
if conn.principal != "admin@" + self.realm:
raise ipaerror.gen_exception(ipaerror.CONNECTION_GSSAPI_CREDENTIALS)
try:
try:
princs = conn.getList(self.basedn, self.scope, "krbprincipalname=" + princ_name, None)
except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND):
return None
finally:
self.releaseConnection(conn)
# This is ugly - call out to a C wrapper around kadmin.local
p = subprocess.Popen(["/usr/sbin/ipa-keytab-util", princ_name, self.realm],
stdout=subprocess.PIPE, stderr=subprocess.PIPE)
stdout,stderr = p.communicate()
if p.returncode != 0:
return None
return stdout
# Configuration support
def get_ipa_config(self, opts=None):