I did have bug filed against python-ldap in January and for some reason
my patch to accomodate two ways of making LDAP controls was not included
in March 2012 when I presented it as part of trusts, but yesterday we
found it is really needed for RHEL6 version of python-ldap.
Rather than having separate patch, I'd prefer to have both versions
supported upstream. The same issue was with Fedora 16 versus Fedora 17.
/ Alexander Bokovoy
>From 9d6f09aadd2bd47660934d0f606e9a326456d6e4 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <aboko...@redhat.com>
Date: Tue, 25 Sep 2012 17:23:33 +0300
Subject: [PATCH 1/2] Support python-ldap 2.3 way of making LDAP control
This strange patch is to accomodate both python-ldap 2.3 and later versions.
There was refactoring in python-ldap support for LDAP controls that split
base class into two different, changing properties and method signatures.
Luckily, we don't use any values passed to encodeControlValue.
ipaserver/dcerpc.py | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py
@@ -40,8 +40,12 @@ from samba.ndr import ndr_pack
from samba import net
-import ldap as _ldap
from Crypto.Cipher import ARC4
+ from ldap.controls import RequestControl as LDAPControl #pylint:
+ from ldap.controls import LDAPControl as LDAPControl #pylint:
+import ldap as _ldap
__doc__ = _("""
Classes to manage trust joins using DCE-RPC calls
@@ -81,13 +85,17 @@ def assess_dcerpc_exception(num=None,message=None):
message "%(message)s" (both may be "None")''') %
+ # This class attempts to implement LDAP control that would work
+ # with both python-ldap 2.4.x and 2.3.x, thus there is mix of properties
+ # from both worlds and encodeControlValue has default parameter
+ self.controlValue = 1
self.controlType = "1.2.840.113522.214.171.1249"
self.criticality = False
self.integerValue = 1
- def encodeControlValue(self):
+ def encodeControlValue(self, value=None):
Freeipa-devel mailing list