From b574423a54dbff7dbca89c6cee49f0304f2393e1 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Tue, 14 Jan 2014 14:23:47 -0500 Subject: [PATCH 19/25] Change the way we determine if the host has a password set. When creating a host with a password we don't set a Kerberos principal or add the Kerberos objectclasses. Those get added when the host is enrolled. If one passed in --password= (so no password) then we incorrectly thought the user was in fact setting a password, so the principal and objectclasses weren't updated. https://fedorahosted.org/freeipa/ticket/4102 --- ipalib/plugins/host.py | 2 +- ipatests/test_xmlrpc/test_host_plugin.py | 27 +++++++++++++++++++++++++++ 2 files changed, 28 insertions(+), 1 deletion(-) diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py index 7aa94aa95ba9be17c308546d5d2fe247f27a07b3..9d45e270ff8221e4b9380684cb56112db4af4f52 100644 --- a/ipalib/plugins/host.py +++ b/ipalib/plugins/host.py @@ -425,7 +425,7 @@ def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options): entry_attrs['l'] = entry_attrs['locality'] entry_attrs['cn'] = keys[-1] entry_attrs['serverhostname'] = keys[-1].split('.', 1)[0] - if 'userpassword' not in entry_attrs and not options.get('random', False): + if not entry_attrs.get('userpassword', False) and not options.get('random', False): entry_attrs['krbprincipalname'] = 'host/%s@%s' % ( keys[-1], self.api.env.realm ) diff --git a/ipatests/test_xmlrpc/test_host_plugin.py b/ipatests/test_xmlrpc/test_host_plugin.py index a23a34112f5c041a8325d5090580b535d93c7a72..7b64398fadd236b9b06723ef561cb19d61bca6d5 100644 --- a/ipatests/test_xmlrpc/test_host_plugin.py +++ b/ipatests/test_xmlrpc/test_host_plugin.py @@ -863,6 +863,33 @@ class test_host(Declarative): ), ), + + dict( + desc='Create a host with a NULL password', + command=('host_add', [fqdn3], + dict( + description=u'Test host 3', + force=True, + userpassword=None, + ), + ), + expected=dict( + value=fqdn3, + summary=u'Added host "%s"' % fqdn3, + result=dict( + dn=dn3, + fqdn=[fqdn3], + description=[u'Test host 3'], + krbprincipalname=[u'host/%s@%s' % (fqdn3, api.env.realm)], + objectclass=objectclasses.host, + ipauniqueid=[fuzzy_uuid], + managedby_host=[u'%s' % fqdn3], + has_keytab=False, + has_password=False, + ), + ), + ), + ] class test_host_false_pwd_change(XMLRPC_test): -- 1.8.4.2