freeipa/ipaserver
Florence Blanc-Renaud 07975b52c3 trust-add: handle missing msSFU30MaxGidNumber
When ipa trust-add is executed with --range-type ad-trust-posix,
the server tries to find the max uidnumber and max gidnumber
from AD domain controller.
The values are extracted from the entry
CN=<domain>,CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,<AD suffix>
in the msSFU30MaxUidNumber and msSFU30MaxGidNumber attributes.

msSFU30MaxUidNumber is required but not msSFU30MaxGidNumber.
In case msSFU30MaxGidNumber is missing, the code is currently assigning
a "None" value and later on evaluates the max between this value and
msSFU30MaxUidNumber. The max function cannot compare None and a list
of string and triggers an exception.

To avoid the exception, assign [b'0'] to max gid if msSFU30MaxGidNumber
is missing. This way, the comparison succeeds and max returns the
value from msSFU30MaxUidNumber.

Fixes: https://pagure.io/freeipa/issue/9310
Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2023-01-25 15:23:29 +01:00
..
advise pylint: Skip raising-bad-type 2022-03-11 13:37:08 -05:00
custodia pylint: fix consider-iterating-dictionary 2023-01-10 08:30:58 +01:00
dnssec pylint: Fix useless-suppression 2022-03-11 13:37:08 -05:00
install Installer: create RID base before domain object 2023-01-17 15:51:25 +01:00
plugins trust-add: handle missing msSFU30MaxGidNumber 2023-01-25 15:23:29 +01:00
secrets pylint: disable missing-timeout message 2023-01-10 08:30:58 +01:00
__init__.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
dcerpc_common.py Py3: Replace six.text_type with str 2018-09-27 16:11:18 +02:00
dcerpc.py pylint: Fix unused-variable 2022-03-11 13:37:08 -05:00
dns_data_management.py Generate CNAMEs for TXT+URI location krb records 2022-11-23 20:00:17 +01:00
Makefile.am Build: Makefiles for Python packages 2016-11-09 13:08:32 +01:00
masters.py Add hidden replica feature 2019-03-28 17:57:58 +01:00
p11helper.py Grammar: whitespace is a word 2020-06-23 10:16:29 +02:00
rpcserver.py pylint: disable missing-timeout message 2023-01-10 08:30:58 +01:00
servroles.py Use api.env.container_sysaccounts 2020-04-28 11:28:29 +02:00
setup.cfg Port all setup.py to setuptools 2016-10-20 18:43:37 +02:00
setup.py Also drop Custodia client and forwarder 2021-06-16 10:28:17 -04:00
topology.py pylint: Fix consider-using-dict-items 2022-03-11 13:37:08 -05:00
wsgi.py Improve wsgi app loading 2021-04-07 11:43:23 +03:00