[Freeipa-devel] [freeipa PR#860][opened] adtrustinstance: fix ID range comparison

Wed, 07 Jun 2017 03:14:07 -0700 

   URL: https://github.com/freeipa/freeipa/pull/860
Author: stlaz
 Title: #860: adtrustinstance: fix ID range comparison
Action: opened

PR body:
"""
The ID range comparison was comparing numbers to a string or possibly
to `None` and was tailored in such a way that the check would always
pass although it went directly against the definition of the absolute
value of a substitution.

https://pagure.io/freeipa/issue/7002
"""

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/860/head:pr860
git checkout pr860

From 4b6c3b9e4116dd84e63b92a839c306d90a912a6e Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka <slazn...@redhat.com>
Date: Wed, 7 Jun 2017 08:10:20 +0200
Subject: [PATCH] adtrustinstance: fix ID range comparison

The ID range comparison was comparing numbers to a string or possibly
to `None` and was tailored in such a way that the check would always
pass although it went directly against the definition of the absolute
value of a substitution.

https://pagure.io/freeipa/issue/7002
---
 ipaserver/install/adtrustinstance.py | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/ipaserver/install/adtrustinstance.py b/ipaserver/install/adtrustinstance.py
index 66dd6b57b6..b5d5751276 100644
--- a/ipaserver/install/adtrustinstance.py
+++ b/ipaserver/install/adtrustinstance.py
@@ -345,9 +345,14 @@ def __add_rid_bases(self):
 
             # Abort if RID bases are too close
             local_range = ranges_with_no_rid_base[0]
-            size = local_range.single_value.get('ipaIDRangeSize')
+            try:
+                size = int(local_range.single_value.get('ipaIDRangeSize'))
+            except ValueError:
+                raise RuntimeError('ipaIDRangeSize is set to a non-integer '
+                                   'value or is not set at all (got {val})'
+                                   .format(val=size))
 
-            if abs(self.rid_base - self.secondary_rid_base) > size:
+            if abs(self.rid_base - self.secondary_rid_base) < size:
                 self.print_msg("Primary and secondary RID base are too close. "
                       "They have to differ at least by %d." % size)
                 raise RuntimeError("RID bases too close.\n")

_______________________________________________
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org

Reply via email to