Tree - rpms/ipa - CentOS Git server

pgreco / rpms / ipa

Forked from forks/areguera/rpms/ipa 4 years ago

Source
Stats

Blame SOURCES/0115-factor-out-populate_remote_domain-method-into-module.patch

Blob History Raw

		403b09	`From 9b3a64e24a25a6ebbf7e755ae67c2f0eb2bfdf39 Mon Sep 17 00:00:00 2001`
		403b09	`From: Martin Babinsky <mbabinsk@redhat.com>`
		403b09	`Date: Thu, 1 Sep 2016 18:09:05 +0200`
		403b09	Subject: [PATCH] factor out `populate_remote_domain` method into module-level
		403b09	`function`
		403b09
		403b09	`This allows for re-use of this method in cases where the caller can not or`
		403b09	`wishes not to instantiate local Samba domain to retrieve information about`
		403b09	`remote ones.`
		403b09
		403b09	`https://fedorahosted.org/freeipa/ticket/6057`
		403b09
		403b09	`Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>`
		403b09	`---`
		403b09	`ipaserver/dcerpc.py \| 94 ++++++++++++++++++++++++++++++-----------------------`
		403b09	`1 file changed, 53 insertions(+), 41 deletions(-)`
		403b09
		403b09	`diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py`
		403b09	`index 4d98485e17a9113322b7e38629fc43b593e99fd9..71b8ba6f17bea6b52ae26fe2467de380e5458099 100644`
		403b09	`--- a/ipaserver/dcerpc.py`
		403b09	`+++ b/ipaserver/dcerpc.py`
		403b09	`@@ -1534,6 +1534,52 @@ def fetch_domains(api, mydomain, trustdomain, creds=None, server=None):`
		403b09	`return result`
		403b09
		403b09
		403b09	`+def retrieve_remote_domain(hostname, local_flatname,`
		403b09	`+ realm, realm_server=None,`
		403b09	`+ realm_admin=None, realm_passwd=None):`
		403b09	`+ def get_instance(local_flatname):`
		403b09	`+ # Fetch data from foreign domain using password only`
		403b09	`+ rd = TrustDomainInstance('')`
		403b09	`+ rd.parm.set('workgroup', local_flatname)`
		403b09	`+ rd.creds = credentials.Credentials()`
		403b09	`+ rd.creds.set_kerberos_state(credentials.DONT_USE_KERBEROS)`
		403b09	`+ rd.creds.guess(rd.parm)`
		403b09	`+ return rd`
		403b09	`+`
		403b09	`+ rd = get_instance(local_flatname)`
		403b09	`+ rd.creds.set_anonymous()`
		403b09	`+ rd.creds.set_workstation(hostname)`
		403b09	`+ if realm_server is None:`
		403b09	`+ rd.retrieve_anonymously(realm, discover_srv=True, search_pdc=True)`
		403b09	`+ else:`
		403b09	`+ rd.retrieve_anonymously(realm_server,`
		403b09	`+ discover_srv=False, search_pdc=True)`
		403b09	`+ rd.read_only = True`
		403b09	`+ if realm_admin and realm_passwd:`
		403b09	`+ if 'name' in rd.info:`
		403b09	`+ names = realm_admin.split('\\')`
		403b09	`+ if len(names) > 1:`
		403b09	`+ # realm admin is in DOMAIN\user format`
		403b09	`+ # strip DOMAIN part as we'll enforce the one discovered`
		403b09	`+ realm_admin = names[-1]`
		403b09	`+ auth_string = u"%s\%s%%%s" \`
		403b09	`+ % (rd.info['name'], realm_admin, realm_passwd)`
		403b09	`+ td = get_instance(local_flatname)`
		403b09	`+ td.creds.parse_string(auth_string)`
		403b09	`+ td.creds.set_workstation(hostname)`
		403b09	`+ if realm_server is None:`
		403b09	`+ # we must have rd.info['dns_hostname'] then`
		403b09	`+ # as it is part of the anonymous discovery`
		403b09	`+ td.retrieve(rd.info['dns_hostname'])`
		403b09	`+ else:`
		403b09	`+ td.retrieve(realm_server)`
		403b09	`+ td.read_only = False`
		403b09	`+ return td`
		403b09	`+`
		403b09	`+ # Otherwise, use anonymously obtained data`
		403b09	`+ return rd`
		403b09	`+`
		403b09	`+`
		403b09	`class TrustDomainJoins(object):`
		403b09	`def __init__(self, api):`
		403b09	`self.api = api`
		403b09	`@@ -1565,47 +1611,13 @@ class TrustDomainJoins(object):`
		403b09
		403b09	`def populate_remote_domain(self, realm, realm_server=None,`
		403b09	`realm_admin=None, realm_passwd=None):`
		403b09	`- def get_instance(self):`
		403b09	`- # Fetch data from foreign domain using password only`
		403b09	`- rd = TrustDomainInstance('')`
		403b09	`- rd.parm.set('workgroup', self.local_domain.info['name'])`
		403b09	`- rd.creds = credentials.Credentials()`
		403b09	`- rd.creds.set_kerberos_state(credentials.DONT_USE_KERBEROS)`
		403b09	`- rd.creds.guess(rd.parm)`
		403b09	`- return rd`
		403b09	`-`
		403b09	`- rd = get_instance(self)`
		403b09	`- rd.creds.set_anonymous()`
		403b09	`- rd.creds.set_workstation(self.local_domain.hostname)`
		403b09	`- if realm_server is None:`
		403b09	`- rd.retrieve_anonymously(realm, discover_srv=True, search_pdc=True)`
		403b09	`- else:`
		403b09	`- rd.retrieve_anonymously(realm_server,`
		403b09	`- discover_srv=False, search_pdc=True)`
		403b09	`- rd.read_only = True`
		403b09	`- if realm_admin and realm_passwd:`
		403b09	`- if 'name' in rd.info:`
		403b09	`- names = realm_admin.split('\\')`
		403b09	`- if len(names) > 1:`
		403b09	`- # realm admin is in DOMAIN\user format`
		403b09	`- # strip DOMAIN part as we'll enforce the one discovered`
		403b09	`- realm_admin = names[-1]`
		403b09	`- auth_string = u"%s\%s%%%s" \`
		403b09	`- % (rd.info['name'], realm_admin, realm_passwd)`
		403b09	`- td = get_instance(self)`
		403b09	`- td.creds.parse_string(auth_string)`
		403b09	`- td.creds.set_workstation(self.local_domain.hostname)`
		403b09	`- if realm_server is None:`
		403b09	`- # we must have rd.info['dns_hostname'] then`
		403b09	`- # as it is part of the anonymous discovery`
		403b09	`- td.retrieve(rd.info['dns_hostname'])`
		403b09	`- else:`
		403b09	`- td.retrieve(realm_server)`
		403b09	`- td.read_only = False`
		403b09	`- self.remote_domain = td`
		403b09	`- return`
		403b09	`- # Otherwise, use anonymously obtained data`
		403b09	`- self.remote_domain = rd`
		403b09	`+ self.remote_domain = retrieve_remote_domain(`
		403b09	`+ self.local_domain.hostname,`
		403b09	`+ self.local_domain.info['name'],`
		403b09	`+ realm,`
		403b09	`+ realm_server=realm_server,`
		403b09	`+ realm_admin=realm_admin,`
		403b09	`+ realm_passwd=realm_passwd)`
		403b09
		403b09	`def get_realmdomains(self):`
		403b09	`"""`
		403b09	`--`
		403b09	`2.7.4`
		403b09

pgreco / rpms / ipa

Source Code

Blame SOURCES/0115-factor-out-populate_remote_domain-method-into-module.patch