rpms / ipa

Clone
Source Code
GIT

Blame SOURCES/0115-factor-out-populate_remote_domain-method-into-module.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client c8s-stream-DL1 c8s-stream-client c9 c9-beta
  1.   403b09ab980c02ef36095973349a13e0181c794a
  2.   SOURCES
  3.   0115-factor-out-populate_remote_domain-method-into-module.patch
Blob History Raw
403b09 
From 9b3a64e24a25a6ebbf7e755ae67c2f0eb2bfdf39 Mon Sep 17 00:00:00 2001
403b09 
From: Martin Babinsky <mbabinsk@redhat.com>
403b09 
Date: Thu, 1 Sep 2016 18:09:05 +0200
403b09 
Subject: [PATCH] factor out `populate_remote_domain` method into module-level
403b09 
 function
403b09
403b09 
This allows for re-use of this method in cases where the caller can not or
403b09 
wishes not to instantiate local Samba domain to retrieve information about
403b09 
remote ones.
403b09
403b09 
https://fedorahosted.org/freeipa/ticket/6057
403b09
403b09 
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
403b09 
---
403b09 
 ipaserver/dcerpc.py | 94 ++++++++++++++++++++++++++++++-----------------------
403b09 
 1 file changed, 53 insertions(+), 41 deletions(-)
403b09
403b09 
diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py
403b09 
index 4d98485e17a9113322b7e38629fc43b593e99fd9..71b8ba6f17bea6b52ae26fe2467de380e5458099 100644
403b09 
--- a/ipaserver/dcerpc.py
403b09 
+++ b/ipaserver/dcerpc.py
403b09 
@@ -1534,6 +1534,52 @@ def fetch_domains(api, mydomain, trustdomain, creds=None, server=None):
403b09 
     return result
403b09
403b09
403b09 
+def retrieve_remote_domain(hostname, local_flatname,
403b09 
+                           realm, realm_server=None,
403b09 
+                           realm_admin=None, realm_passwd=None):
403b09 
+    def get_instance(local_flatname):
403b09 
+        # Fetch data from foreign domain using password only
403b09 
+        rd = TrustDomainInstance('')
403b09 
+        rd.parm.set('workgroup', local_flatname)
403b09 
+        rd.creds = credentials.Credentials()
403b09 
+        rd.creds.set_kerberos_state(credentials.DONT_USE_KERBEROS)
403b09 
+        rd.creds.guess(rd.parm)
403b09 
+        return rd
403b09 
+
403b09 
+    rd = get_instance(local_flatname)
403b09 
+    rd.creds.set_anonymous()
403b09 
+    rd.creds.set_workstation(hostname)
403b09 
+    if realm_server is None:
403b09 
+        rd.retrieve_anonymously(realm, discover_srv=True, search_pdc=True)
403b09 
+    else:
403b09 
+        rd.retrieve_anonymously(realm_server,
403b09 
+                                discover_srv=False, search_pdc=True)
403b09 
+    rd.read_only = True
403b09 
+    if realm_admin and realm_passwd:
403b09 
+        if 'name' in rd.info:
403b09 
+            names = realm_admin.split('\\')
403b09 
+            if len(names) > 1:
403b09 
+                # realm admin is in DOMAIN\user format
403b09 
+                # strip DOMAIN part as we'll enforce the one discovered
403b09 
+                realm_admin = names[-1]
403b09 
+            auth_string = u"%s\%s%%%s" \
403b09 
+                          % (rd.info['name'], realm_admin, realm_passwd)
403b09 
+            td = get_instance(local_flatname)
403b09 
+            td.creds.parse_string(auth_string)
403b09 
+            td.creds.set_workstation(hostname)
403b09 
+            if realm_server is None:
403b09 
+                # we must have rd.info['dns_hostname'] then
403b09 
+                # as it is part of the anonymous discovery
403b09 
+                td.retrieve(rd.info['dns_hostname'])
403b09 
+            else:
403b09 
+                td.retrieve(realm_server)
403b09 
+            td.read_only = False
403b09 
+            return td
403b09 
+
403b09 
+    # Otherwise, use anonymously obtained data
403b09 
+    return rd
403b09 
+
403b09 
+
403b09 
 class TrustDomainJoins(object):
403b09 
     def __init__(self, api):
403b09 
         self.api = api
403b09 
@@ -1565,47 +1611,13 @@ class TrustDomainJoins(object):
403b09
403b09 
     def populate_remote_domain(self, realm, realm_server=None,
403b09 
                                realm_admin=None, realm_passwd=None):
403b09 
-        def get_instance(self):
403b09 
-            # Fetch data from foreign domain using password only
403b09 
-            rd = TrustDomainInstance('')
403b09 
-            rd.parm.set('workgroup', self.local_domain.info['name'])
403b09 
-            rd.creds = credentials.Credentials()
403b09 
-            rd.creds.set_kerberos_state(credentials.DONT_USE_KERBEROS)
403b09 
-            rd.creds.guess(rd.parm)
403b09 
-            return rd
403b09 
-
403b09 
-        rd = get_instance(self)
403b09 
-        rd.creds.set_anonymous()
403b09 
-        rd.creds.set_workstation(self.local_domain.hostname)
403b09 
-        if realm_server is None:
403b09 
-            rd.retrieve_anonymously(realm, discover_srv=True, search_pdc=True)
403b09 
-        else:
403b09 
-            rd.retrieve_anonymously(realm_server,
403b09 
-                                    discover_srv=False, search_pdc=True)
403b09 
-        rd.read_only = True
403b09 
-        if realm_admin and realm_passwd:
403b09 
-            if 'name' in rd.info:
403b09 
-                names = realm_admin.split('\\')
403b09 
-                if len(names) > 1:
403b09 
-                    # realm admin is in DOMAIN\user format
403b09 
-                    # strip DOMAIN part as we'll enforce the one discovered
403b09 
-                    realm_admin = names[-1]
403b09 
-                auth_string = u"%s\%s%%%s" \
403b09 
-                              % (rd.info['name'], realm_admin, realm_passwd)
403b09 
-                td = get_instance(self)
403b09 
-                td.creds.parse_string(auth_string)
403b09 
-                td.creds.set_workstation(self.local_domain.hostname)
403b09 
-                if realm_server is None:
403b09 
-                    # we must have rd.info['dns_hostname'] then
403b09 
-                    # as it is part of the anonymous discovery
403b09 
-                    td.retrieve(rd.info['dns_hostname'])
403b09 
-                else:
403b09 
-                    td.retrieve(realm_server)
403b09 
-                td.read_only = False
403b09 
-                self.remote_domain = td
403b09 
-                return
403b09 
-        # Otherwise, use anonymously obtained data
403b09 
-        self.remote_domain = rd
403b09 
+        self.remote_domain = retrieve_remote_domain(
403b09 
+            self.local_domain.hostname,
403b09 
+            self.local_domain.info['name'],
403b09 
+            realm,
403b09 
+            realm_server=realm_server,
403b09 
+            realm_admin=realm_admin,
403b09 
+            realm_passwd=realm_passwd)
403b09
403b09 
     def get_realmdomains(self):
403b09 
         """
403b09 
--
403b09 
2.7.4
403b09

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation