On Thu, 04 Oct 2012, Martin Kosek wrote:
On 09/25/2012 04:30 PM, Alexander Bokovoy wrote:

I did have bug filed against python-ldap in January and for some reason
my patch to accomodate two ways of making LDAP controls was not included
in March 2012 when I presented it as part of trusts, but yesterday we
found it is really needed for RHEL6 version of python-ldap.

Rather than having separate patch, I'd prefer to have both versions
supported upstream. The same issue was with Fedora 16 versus Fedora 17.

Tested on F17 and RHEL 6.3 and it works fine on both systems (and Python 

ACK if you change



+except ImportError:
Change attached.

/ Alexander Bokovoy
>From 535254d041451eb14442b93142f7574779e492e2 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <aboko...@redhat.com>
Date: Tue, 25 Sep 2012 17:23:33 +0300
Subject: [PATCH 1/3] Support python-ldap 2.3 way of making LDAP control

This strange patch is to accomodate both python-ldap 2.3 and later versions.
There was refactoring in python-ldap support for LDAP controls that split
base class into two different, changing properties and method signatures.

Luckily, we don't use any values passed to encodeControlValue.
 ipaserver/dcerpc.py | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py
--- a/ipaserver/dcerpc.py
+++ b/ipaserver/dcerpc.py
@@ -40,8 +40,12 @@ from samba.ndr import ndr_pack
 from samba import net
 import samba
 import random
-import ldap as _ldap
 from Crypto.Cipher import ARC4
+    from ldap.controls import RequestControl as LDAPControl #pylint: 
+except ImportError:
+    from ldap.controls import LDAPControl as LDAPControl    #pylint: 
+import ldap as _ldap
 __doc__ = _("""
 Classes to manage trust joins using DCE-RPC calls
@@ -81,13 +85,17 @@ def assess_dcerpc_exception(num=None,message=None):
                   message "%(message)s" (both may be "None")''') % 
dict(num=num, message=message)
     return errors.RemoteRetrieveError(reason=reason)
-class ExtendedDNControl(_ldap.controls.RequestControl):
+class ExtendedDNControl(LDAPControl):
+    # This class attempts to implement LDAP control that would work
+    # with both python-ldap 2.4.x and 2.3.x, thus there is mix of properties
+    # from both worlds and encodeControlValue has default parameter
     def __init__(self):
+        self.controlValue = 1
         self.controlType = "1.2.840.113556.1.4.529"
         self.criticality = False
         self.integerValue = 1
-    def encodeControlValue(self):
+    def encodeControlValue(self, value=None):
         return '0\x03\x02\x01\x01'
 class DomainValidator(object):

Freeipa-devel mailing list

Reply via email to