rpms / ipa

Clone
Source Code
GIT

Blame SOURCES/0029-Fix-session-cookies.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client c8s-stream-DL1 c8s-stream-client c9 c9-beta
  1.   76b7d5fe670b99aad856addbf8c290bcca980584
  2.   SOURCES
  3.   0029-Fix-session-cookies.patch
Blob History Raw
403b09 
From 059ced75270c681144462dba3772812901495054 Mon Sep 17 00:00:00 2001
403b09 
From: Florence Blanc-Renaud <flo@redhat.com>
403b09 
Date: Thu, 21 Jul 2016 16:54:43 +0200
403b09 
Subject: [PATCH] Fix session cookies
403b09
403b09 
The CLI was not using session cookies for communication with IPA API.
403b09 
The kernel_keyring code was expecting the keyname to be a string, but
403b09 
in python 2 a unicode was supplied (the key is built using
403b09 
ipa_session_cookie:%principal and principal is a unicode).
403b09
403b09 
The patch fixes the assertions, allowing to store and retrieve the cookie.
403b09 
It also adds a test with unicode key name.
403b09
403b09 
https://fedorahosted.org/freeipa/ticket/5984
403b09
403b09 
Reviewed-By: Petr Spacek <pspacek@redhat.com>
403b09 
---
403b09 
 ipapython/kernel_keyring.py             | 15 ++++++++-------
403b09 
 ipatests/test_ipapython/test_keyring.py | 15 +++++++++++++++
403b09 
 2 files changed, 23 insertions(+), 7 deletions(-)
403b09
403b09 
diff --git a/ipapython/kernel_keyring.py b/ipapython/kernel_keyring.py
403b09 
index ed4868a9d8eaffdae6f717928663296bd20c762e..651fd708667420d1769e3601a8fa0b6c52604a10 100644
403b09 
--- a/ipapython/kernel_keyring.py
403b09 
+++ b/ipapython/kernel_keyring.py
403b09 
@@ -18,6 +18,7 @@
403b09 
 #
403b09
403b09 
 import os
403b09 
+import six
403b09
403b09 
 from ipapython.ipautil import run
403b09
403b09 
@@ -45,7 +46,7 @@ def get_real_key(key):
403b09 
     One cannot request a key based on the description it was created with
403b09 
     so find the one we're looking for.
403b09 
     """
403b09 
-    assert isinstance(key, str)
403b09 
+    assert isinstance(key, six.string_types)
403b09 
     result = run(['keyctl', 'search', KEYRING, KEYTYPE, key],
403b09 
                  raiseonerr=False, capture_output=True)
403b09 
     if result.returncode:
403b09 
@@ -53,7 +54,7 @@ def get_real_key(key):
403b09 
     return result.raw_output.rstrip()
403b09
403b09 
 def get_persistent_key(key):
403b09 
-    assert isinstance(key, str)
403b09 
+    assert isinstance(key, six.string_types)
403b09 
     result = run(['keyctl', 'get_persistent', KEYRING, key],
403b09 
                  raiseonerr=False, capture_output=True)
403b09 
     if result.returncode:
403b09 
@@ -73,7 +74,7 @@ def has_key(key):
403b09 
     """
403b09 
     Returns True/False whether the key exists in the keyring.
403b09 
     """
403b09 
-    assert isinstance(key, str)
403b09 
+    assert isinstance(key, six.string_types)
403b09 
     try:
403b09 
         get_real_key(key)
403b09 
         return True
403b09 
@@ -86,7 +87,7 @@ def read_key(key):
403b09
403b09 
     Use pipe instead of print here to ensure we always get the raw data.
403b09 
     """
403b09 
-    assert isinstance(key, str)
403b09 
+    assert isinstance(key, six.string_types)
403b09 
     real_key = get_real_key(key)
403b09 
     result = run(['keyctl', 'pipe', real_key], raiseonerr=False,
403b09 
                  capture_output=True)
403b09 
@@ -99,7 +100,7 @@ def update_key(key, value):
403b09 
     """
403b09 
     Update the keyring data. If they key doesn't exist it is created.
403b09 
     """
403b09 
-    assert isinstance(key, str)
403b09 
+    assert isinstance(key, six.string_types)
403b09 
     assert isinstance(value, bytes)
403b09 
     if has_key(key):
403b09 
         real_key = get_real_key(key)
403b09 
@@ -114,7 +115,7 @@ def add_key(key, value):
403b09 
     """
403b09 
     Add a key to the kernel keyring.
403b09 
     """
403b09 
-    assert isinstance(key, str)
403b09 
+    assert isinstance(key, six.string_types)
403b09 
     assert isinstance(value, bytes)
403b09 
     if has_key(key):
403b09 
         raise ValueError('key %s already exists' % key)
403b09 
@@ -127,7 +128,7 @@ def del_key(key):
403b09 
     """
403b09 
     Remove a key from the keyring
403b09 
     """
403b09 
-    assert isinstance(key, str)
403b09 
+    assert isinstance(key, six.string_types)
403b09 
     real_key = get_real_key(key)
403b09 
     result = run(['keyctl', 'unlink', real_key, KEYRING],
403b09 
                  raiseonerr=False)
403b09 
diff --git a/ipatests/test_ipapython/test_keyring.py b/ipatests/test_ipapython/test_keyring.py
403b09 
index e22841c8f5d229d17cdd05ab9c4248eeffaab249..c81e6d95f7ebdf585ee37ecf71151c01e0001912 100644
403b09 
--- a/ipatests/test_ipapython/test_keyring.py
403b09 
+++ b/ipatests/test_ipapython/test_keyring.py
403b09 
@@ -28,6 +28,7 @@ import pytest
403b09 
 pytestmark = pytest.mark.tier0
403b09
403b09 
 TEST_KEY = 'ipa_test'
403b09 
+TEST_UNICODEKEY = u'ipa_unicode'
403b09 
 TEST_VALUE = b'abc123'
403b09 
 UPDATE_VALUE = b'123abc'
403b09
403b09 
@@ -49,6 +50,10 @@ class test_keyring(object):
403b09 
             kernel_keyring.del_key(SIZE_256)
403b09 
         except ValueError:
403b09 
             pass
403b09 
+        try:
403b09 
+            kernel_keyring.del_key(TEST_UNICODEKEY)
403b09 
+        except ValueError:
403b09 
+            pass
403b09
403b09 
     def test_01(self):
403b09 
         """
403b09 
@@ -150,3 +155,13 @@ class test_keyring(object):
403b09 
         assert(result == SIZE_1024.encode('ascii'))
403b09
403b09 
         kernel_keyring.del_key(TEST_KEY)
403b09 
+
403b09 
+    def test_10(self):
403b09 
+        """
403b09 
+        Test a unicode key
403b09 
+        """
403b09 
+        kernel_keyring.add_key(TEST_UNICODEKEY, TEST_VALUE)
403b09 
+        result = kernel_keyring.read_key(TEST_UNICODEKEY)
403b09 
+        assert(result == TEST_VALUE)
403b09 
+
403b09 
+        kernel_keyring.del_key(TEST_UNICODEKEY)
403b09 
--
403b09 
2.7.4
403b09

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation