[Freeipa-devel] [freeipa PR#214][opened] ipaldap: remove do_bind from LDAPClient

Tue, 08 Nov 2016 03:43:35 -0800 

   URL: https://github.com/freeipa/freeipa/pull/214
Author: tomaskrizek
 Title: #214: ipaldap: remove do_bind from LDAPClient
Action: opened

PR body:
"""
Remove do_bind() method that was a relict used in IPAdmin. Replace
its uses with simple / external binds.

https://fedorahosted.org/freeipa/ticket/6461
"""

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/214/head:pr214
git checkout pr214

From f27333f7a60a41599a3a1b68a54ca3eea9945353 Mon Sep 17 00:00:00 2001
From: Tomas Krizek <tkri...@redhat.com>
Date: Tue, 8 Nov 2016 12:16:09 +0100
Subject: [PATCH] ipaldap: remove do_bind from LDAPClient

Remove do_bind() method that was a relict used in IPAdmin. Replace
its uses with simple / external binds.

https://fedorahosted.org/freeipa/ticket/6461
---
 install/tools/ipa-httpd-kdcproxy        |  2 +-
 ipapython/ipaldap.py                    | 20 --------------------
 ipaserver/install/bindinstance.py       |  2 +-
 ipaserver/install/dnskeysyncinstance.py |  3 +--
 4 files changed, 3 insertions(+), 24 deletions(-)

diff --git a/install/tools/ipa-httpd-kdcproxy b/install/tools/ipa-httpd-kdcproxy
index 20674c2..329565c 100755
--- a/install/tools/ipa-httpd-kdcproxy
+++ b/install/tools/ipa-httpd-kdcproxy
@@ -79,7 +79,7 @@ class KDCProxyConfig(object):
         self.log.debug('ldap_uri: %s', self.ldap_uri)
         try:
             self.con = LDAPClient(self.ldap_uri)
-            self.con.do_bind()
+            self.con.external_bind()
         except (errors.NetworkError, socket.timeout) as e:
             msg = 'Unable to connect to dirsrv: %s' % e
             raise CheckError(msg)
diff --git a/ipapython/ipaldap.py b/ipapython/ipaldap.py
index 2994c01..ed5c804 100644
--- a/ipapython/ipaldap.py
+++ b/ipapython/ipaldap.py
@@ -749,26 +749,6 @@ def __init__(self, ldap_uri, start_tls=False, force_schema_updates=False,
     def __str__(self):
         return self.ldap_uri
 
-    def do_bind(self, dm_password="", autobind=AUTOBIND_AUTO):
-        if dm_password:
-            self.simple_bind(bind_dn=DIRMAN_DN,
-                             bind_password=dm_password)
-            return
-        if (autobind != AUTOBIND_DISABLED and os.getegid() == 0 and
-                self._protocol == 'ldapi'):
-            try:
-                # autobind
-                self.external_bind()
-                return
-            except errors.NotFound:
-                if autobind == AUTOBIND_ENABLED:
-                    # autobind was required and failed, raise
-                    # exception that it failed
-                    raise
-
-        # fall back
-        self.gssapi_bind()
-
     def modify_s(self, dn, modlist):
         # FIXME: for backwards compatibility only
         assert isinstance(dn, DN)
diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py
index 7d6f3ba..9810246 100644
--- a/ipaserver/install/bindinstance.py
+++ b/ipaserver/install/bindinstance.py
@@ -241,7 +241,7 @@ def dns_container_exists(fqdn, suffix, dm_password=None, ldapi=False,
         ldap_uri = ipaldap.get_ldap_uri(fqdn, 636, ldapi=ldapi, realm=realm,
                                         cacert=CACERT)
         conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT)
-        conn.do_bind(dm_password)
+        conn.simple_bind(ipaldap.DIRMAN_DN, dm_password)
     except ldap.SERVER_DOWN:
         raise RuntimeError('LDAP server on %s is not responding. Is IPA installed?' % fqdn)
 
diff --git a/ipaserver/install/dnskeysyncinstance.py b/ipaserver/install/dnskeysyncinstance.py
index a6c1013..bc2477b 100644
--- a/ipaserver/install/dnskeysyncinstance.py
+++ b/ipaserver/install/dnskeysyncinstance.py
@@ -44,8 +44,7 @@ def dnssec_container_exists(fqdn, suffix, dm_password=None, ldapi=False,
         ldap_uri = ipaldap.get_ldap_uri(fqdn, 636, ldapi=ldapi, realm=realm,
                                         cacert=CACERT)
         conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT)
-
-        conn.do_bind(dm_password)
+        conn.simple_bind(ipaldap.DIRMAN_DN, dm_password)
     except ldap.SERVER_DOWN:
         raise RuntimeError('LDAP server on %s is not responding. Is IPA installed?' % fqdn)
 

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to