IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-02 12:16:56 -06:00
Code Issues Packages Projects Releases Wiki Activity
5,705 Commits 11 Branches 59 Tags 60 MiB
a38d93f65f
Commit Graph

801 Commits

Author SHA1 Message Date
Petr Viktorin
6ff20ca2d9 Fix installing server with external CA 
Reorganize ipa-server-instal so that DS (and NTP server) installation
only happens in step one.

Change CAInstance to behave correctly in two-step install.

Add an `init_info` method to DSInstance that includes common
attribute/sub_dict initialization from create_instance and create_replica.
Use it in ipa-server-install to get a properly configured DSInstance
for later tasks.

https://fedorahosted.org/freeipa/ticket/3459
 2013-03-08 15:42:20 +01:00
Jan Cholasta
9955ba0714 Disable schema retrieval and attribute decoding when talking to AD GC. 2013-03-08 14:47:52 +01:00
Jan Cholasta
f423364fa8 Allow disabling attribute decoding in LDAPClient and IPAdmin. 2013-03-08 14:47:52 +01:00
Jan Cholasta
fffd2eb32d Allow disabling LDAP schema retrieval in LDAPClient and IPAdmin. 2013-03-08 14:47:52 +01:00
Jan Cholasta
4152c36bf2 Do not fail if schema cannot be retrieved from LDAP server. 2013-03-08 14:47:52 +01:00
Rob Crittenden
f6f8307be2 Don't base64-encode the CA cert when uploading it during an upgrade. 
We want to store the raw value. Tools like ldapsearch will automatically
base64 encode the value because it's binary so we don't want to duplicate
that.

https://fedorahosted.org/freeipa/ticket/3477
 2013-03-07 09:40:07 +01:00
Alexander Bokovoy
c6fc0413b6 ipaserver/dcerpc: enforce search_s without schema checks for GC searching 2013-03-06 16:09:01 +02:00
Jan Cholasta
61c0938c76 Remove support for DN normalization from LDAPClient. 2013-03-01 16:59:47 +01:00
Jan Cholasta
a09c50671e Use full DNs in plugin code. 2013-03-01 16:59:47 +01:00
Jan Cholasta
3aa39547df Support attributes with multiple names in LDAPEntry. 2013-03-01 16:59:47 +01:00
Jan Cholasta
f17aa00ff0 Aggregate IPASimpleLDAPObject in LDAPEntry. 2013-03-01 16:59:47 +01:00
Jan Cholasta
8f46ca5dd2 Preserve case of attribute names in LDAPEntry. 2013-03-01 16:59:46 +01:00
Jan Cholasta
bb36683c84 Use the dn attribute of LDAPEntry to set/get DNs of entries. 
Convert all code that uses the 'dn' key of LDAPEntry for this to use the dn
attribute instead.
 2013-03-01 16:59:46 +01:00
Petr Viktorin
982b782777 Remove some uses of raw python-ldap 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:46 +01:00
Petr Viktorin
29a02a3530 Use IPAdmin rather than raw python-ldap in ipactl 
Add a new init argument, ldap_uri, to IPAdmin to make this possible.

Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:46 +01:00
Petr Viktorin
b39033cc65 Use ldap instead of _ldap in ipaldap 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:46 +01:00
Petr Viktorin
334a0cdcdc Remove IPAdmin.unbind_s(), keep unbind() 
The unbind and unbind_s functions do the same thing (both are synchronous).

In the low-level IPASimpleLDAPObject, unbind_s rather than unbind is kept.

Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:46 +01:00
Petr Viktorin
f7a4cceb97 Remove IPAdmin.simple_bind_s 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:46 +01:00
Petr Viktorin
1ee66ffe03 Remove IPAdmin.sasl_interactive_bind_s 
Also, rename remaining uses of SASL_AUTH to SASL_GSSAPI to better
reflect what it is.

Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:46 +01:00
Petr Viktorin
f9f6cd6e3a Replace IPAdmin.start_tls_s by an __init__ argument 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:46 +01:00
Petr Viktorin
8f44811a95 Remove search_s and search_ext_s from IPAdmin 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:46 +01:00
Petr Viktorin
d7bf70902b Proxy LDAP methods explicitly rather than using __getattr__ 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:46 +01:00
Petr Viktorin
fdd4169124 Inline waitForEntry in its only caller 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:45 +01:00
Petr Viktorin
fc571da1af Inline inactivateEntry in its only caller 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:45 +01:00
Petr Viktorin
5184c312f6 replace getEntry with get_entry (or get_entries if scope != SCOPE_BASE) 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:45 +01:00
Petr Viktorin
d17f9020a8 Fix typo and traceback suppression in replication.py 2013-03-01 16:59:45 +01:00
Petr Viktorin
e815c1893d Replace deleteEntry with delete_entry 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:45 +01:00
Petr Viktorin
f8ad7cb96f Replace addEntry with add_entry 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:45 +01:00
Petr Viktorin
aaa41b2145 Rename LDAPConnection to LDAPClient 
It does more than just connecting, so it should have more suitable
name.

Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:45 +01:00
Petr Viktorin
a173957865 Remove toTupleList and attrList from LDAPEntry 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:45 +01:00
Petr Viktorin
4779865ea3 Replace getList by a get_entries method 
The find_entries method is cumbersome to use: it requires keyword arguments
for simple uses, and callers are tempted to ignore the 'truncated' flag
it returns.
Introduce a simpler method, get_entries, that returns the found
list directly, and raises an errors if the list is truncated.
Replace the getList method by get_entries.

Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:45 +01:00
Petr Viktorin
f5c404c65d Replace entry.getValue by entry.single_value 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:45 +01:00
Petr Viktorin
66eaf1220d Remove special-casing for missing and single-valued attributes in LDAPUpdate._entry_to_entity 2013-03-01 16:59:45 +01:00
Petr Viktorin
6eeb5ecbea Introduce LDAPEntry.single_value for getting single-valued attributes 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:45 +01:00
Petr Viktorin
5271eb217c Replace IPAdmin.checkTask by replication.wait_for_task 
The method was only used for waiting, not actual checking.

Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:45 +01:00
Petr Viktorin
b69f6983e4 Remove IPAdmin.get_dns_sorted_by_length 
A simple sort(key=len) is simpler both implementation-wise and
semantics-wise.

Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:44 +01:00
Petr Viktorin
607ff478f5 Remove IPAdmin.updateEntry calls from fix_replica_agreements 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:44 +01:00
Petr Viktorin
8be8d4ebfd Remove dbdir, binddn, bindpwd from IPAdmin 
The dbdir logic was moved to replication.py, the only caller.
The binddn and bindpwd attributes were unused.

Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:44 +01:00
Petr Viktorin
1960945e28 Turn the LDAPError handler into a context manager 
This has the advantage that the traceback is left intact if an error
other than LDAPError is raised.

Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:44 +01:00
Petr Viktorin
d11c337541 Remove unused bindcert and bindkey arguments to IPAdmin 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:44 +01:00
Petr Viktorin
334ba2e79f Remove unused imports from ipaserver/install 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:44 +01:00
Petr Viktorin
abb22806a7 Change {add,update,delete}_entry to take LDAPEntries 
These methods currently take (dn, entry_attrs, normalize=True)
(or (dn, normalize=True) for delete).
Change them to also accept just an LDAPEntry.
For add and update, document the old style as deprecated.

Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:44 +01:00
Petr Viktorin
aa6fb75637 Replace add_s and delete_s by their newer equivalents 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:44 +01:00
Petr Viktorin
66c7fd1323 Replace entry.setValue/setValues by item assignment 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:44 +01:00
Petr Viktorin
c613caab67 Replace entry.getValues() by entry.get() 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:44 +01:00
Petr Viktorin
b2dd8d7f05 Use update_entry with a single entry in adtrustinstance 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:44 +01:00
Petr Viktorin
3dd4b36e1a Replace setValue by keyword arguments when creating entries 
Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
 2013-03-01 16:59:44 +01:00
Jan Cholasta
6896626baa Remove the Entry class. 2013-03-01 16:59:43 +01:00
Jan Cholasta
c1d6937ea2 Remove the Entity class. 
Move Entity functionality to LDAPEntry.
 2013-03-01 16:59:43 +01:00
Jan Cholasta
8d92ca851c Add make_entry factory method to LDAPConnection. 
Replace all occurences of Entry instantiation with calls to make_entry.
 2013-03-01 16:59:43 +01:00