Re: [Freeipa-devel] [PATCH] 1105 fix creating host with --password=

[Martin Kosek]

On 01/14/2014 08:44 PM, Rob Crittenden wrote:
 Fix creating a host with --password= (yes, an empty password). The ticket has
 full reproduction details.
 
 rob

Works fine, thanks for the test.

ACK, pushed to master, ipa-3-3.

Martin

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH] 1105 fix creating host with --password=

[Rob Crittenden]

Fix creating a host with --password= (yes, an empty password). The 
ticket has full reproduction details.


rob
From 1f854bf29e8584169a6f7e0607b2dcc9d641f84d Mon Sep 17 00:00:00 2001
From: Rob Crittenden rcrit...@redhat.com
Date: Tue, 14 Jan 2014 14:23:47 -0500
Subject: [PATCH] Change the way we determine if the host has a password set.

When creating a host with a password we don't set a Kerberos
principal or add the Kerberos objectclasses. Those get added when the
host is enrolled. If one passed in --password= (so no password) then
we incorrectly thought the user was in fact setting a password, so the
principal and objectclasses weren't updated.

https://fedorahosted.org/freeipa/ticket/4102
---
 ipalib/plugins/host.py   |  2 +-
 ipatests/test_xmlrpc/test_host_plugin.py | 27 +++
 2 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py
index ef7ec5284aeda87971a1aa5e19107dd572f674e0..27b692a9e6bea57daa15561931b06be994800284 100644
--- a/ipalib/plugins/host.py
+++ b/ipalib/plugins/host.py
@@ -424,7 +424,7 @@ class host_add(LDAPCreate):
 entry_attrs['l'] = entry_attrs['locality']
 entry_attrs['cn'] = keys[-1]
 entry_attrs['serverhostname'] = keys[-1].split('.', 1)[0]
-if 'userpassword' not in entry_attrs and not options.get('random', False):
+if not entry_attrs.get('userpassword', False) and not options.get('random', False):
 entry_attrs['krbprincipalname'] = 'host/%s@%s' % (
 keys[-1], self.api.env.realm
 )
diff --git a/ipatests/test_xmlrpc/test_host_plugin.py b/ipatests/test_xmlrpc/test_host_plugin.py
index a23a34112f5c041a8325d5090580b535d93c7a72..7b64398fadd236b9b06723ef561cb19d61bca6d5 100644
--- a/ipatests/test_xmlrpc/test_host_plugin.py
+++ b/ipatests/test_xmlrpc/test_host_plugin.py
@@ -863,6 +863,33 @@ class test_host(Declarative):
 ),
 ),
 
+
+dict(
+desc='Create a host with a NULL password',
+command=('host_add', [fqdn3],
+dict(
+description=u'Test host 3',
+force=True,
+userpassword=None,
+),
+),
+expected=dict(
+value=fqdn3,
+summary=u'Added host %s' % fqdn3,
+result=dict(
+dn=dn3,
+fqdn=[fqdn3],
+description=[u'Test host 3'],
+krbprincipalname=[u'host/%s@%s' % (fqdn3, api.env.realm)],
+objectclass=objectclasses.host,
+ipauniqueid=[fuzzy_uuid],
+managedby_host=[u'%s' % fqdn3],
+has_keytab=False,
+has_password=False,
+),
+),
+),
+
 ]
 
 class test_host_false_pwd_change(XMLRPC_test):
-- 
1.8.4.2

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel