python-ldap of version 2.3.10 and lower does not support serverctrls
and clientctrls options. This makes every rename operation in IPA
to crash with Internal Error.

Make sure that we respect the difference between both versions in
our LDAP module and do not pass serverctrls and clientctrls when
they are not supported. NotImplementedException is raised when the
options are used with this version.

https://fedorahosted.org/freeipa/ticket/3199
From e644f0dd80b2f46369005430de0b8389703a775d Mon Sep 17 00:00:00 2001
From: Martin Kosek <mko...@redhat.com>
Date: Wed, 24 Oct 2012 10:42:44 +0200
Subject: [PATCH] Improve compatibility of LDAP rename_s call

python-ldap of version 2.3.10 and lower does not support serverctrls
and clientctrls options. This makes every rename operation in IPA
to crash with Internal Error.

Make sure that we respect the difference between both versions in
our LDAP module and do not pass serverctrls and clientctrls when
they are not supported. NotImplementedException is raised when the
options are used with this version.

https://fedorahosted.org/freeipa/ticket/3199
---
 ipaserver/plugins/ldap2.py | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py
index 1a754a55f13b60786de17d3198ced009e67caa4e..a3db2f5cdad7c7d9b167e85d678f48b1c22a1221 100644
--- a/ipaserver/plugins/ldap2.py
+++ b/ipaserver/plugins/ldap2.py
@@ -45,6 +45,15 @@ import ldap as _ldap
 from ldap.ldapobject import SimpleLDAPObject
 import ldap.filter as _ldap_filter
 import ldap.sasl as _ldap_sasl
+from distutils.version import LooseVersion
+if LooseVersion(_ldap.__version__) >= LooseVersion("2.3.11"):
+    # python 2.3.11 changelog:
+    #   ldap.ldapobject.LDAPObject.rename_s() now also accepts arguments
+    #   serverctrls and clientctrls
+    _EXTENDED_RENAME_S = True
+else:
+    _EXTENDED_RENAME_S = False
+
 from ipapython.dn import DN, RDN
 from ipapython.ipautil import CIDict
 from collections import namedtuple
@@ -540,7 +549,12 @@ class IPASimpleLDAPObject(object):
         dn = str(dn)
         assert isinstance(newrdn, (DN, RDN))
         newrdn = str(newrdn)
-        return self.conn.rename_s(dn, newrdn, newsuperior, delold, serverctrls, clientctrls)
+        if _EXTENDED_RENAME_S:
+            return self.conn.rename_s(dn, newrdn, newsuperior, delold, serverctrls, clientctrls)
+        else:
+            if serverctrls is not None or clientctrls is not None:
+                raise NotImplementedError('rename_s does support serverctrls and clientctrls')
+            return self.conn.rename_s(dn, newrdn, newsuperior, delold)
 
     def result(self, msgid=_ldap.RES_ANY, all=1, timeout=None):
         resp_type, resp_data = self.conn.result(msgid, all, timeout)
-- 
1.7.11.7

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to