[Freeipa-devel] [PATCH] 0079 support creating LDAP control by python-ldap 2.3 (RHEL) and newer versions (Fedora)

Alexander Bokovoy abokovoy at redhat.com
Thu Oct 4 14:48:48 UTC 2012 

On Thu, 04 Oct 2012, Martin Kosek wrote:
>On 09/25/2012 04:30 PM, Alexander Bokovoy wrote:
>> Hi,
>>
>> I did have bug filed against python-ldap in January and for some reason
>> my patch to accomodate two ways of making LDAP controls was not included
>> in March 2012 when I presented it as part of trusts, but yesterday we
>> found it is really needed for RHEL6 version of python-ldap.
>>
>> Rather than having separate patch, I'd prefer to have both versions
>> supported upstream. The same issue was with Fedora 16 versus Fedora 17.
>>
>
>Tested on F17 and RHEL 6.3 and it works fine on both systems (and Python versions).
>
>ACK if you change
>
>+except:
>
>to
>
>+except ImportError:
Change attached.



-- 
/ Alexander Bokovoy
-------------- next part --------------
>From 535254d041451eb14442b93142f7574779e492e2 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy at redhat.com>
Date: Tue, 25 Sep 2012 17:23:33 +0300
Subject: [PATCH 1/3] Support python-ldap 2.3 way of making LDAP control

This strange patch is to accomodate both python-ldap 2.3 and later versions.
There was refactoring in python-ldap support for LDAP controls that split
base class into two different, changing properties and method signatures.

Luckily, we don't use any values passed to encodeControlValue.
---
 ipaserver/dcerpc.py | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py
index cbe28753d4ba9487165c6b9ed1721541b6fa00bf..e7b41e6d8f1922ccabef8a61bad3ff50534fa406 100644
--- a/ipaserver/dcerpc.py
+++ b/ipaserver/dcerpc.py
@@ -40,8 +40,12 @@ from samba.ndr import ndr_pack
 from samba import net
 import samba
 import random
-import ldap as _ldap
 from Crypto.Cipher import ARC4
+try:
+    from ldap.controls import RequestControl as LDAPControl #pylint: disable=F0401
+except ImportError:
+    from ldap.controls import LDAPControl as LDAPControl    #pylint: disable=F0401
+import ldap as _ldap
 
 __doc__ = _("""
 Classes to manage trust joins using DCE-RPC calls
@@ -81,13 +85,17 @@ def assess_dcerpc_exception(num=None,message=None):
                   message "%(message)s" (both may be "None")''') % dict(num=num, message=message)
     return errors.RemoteRetrieveError(reason=reason)
 
-class ExtendedDNControl(_ldap.controls.RequestControl):
+class ExtendedDNControl(LDAPControl):
+    # This class attempts to implement LDAP control that would work
+    # with both python-ldap 2.4.x and 2.3.x, thus there is mix of properties
+    # from both worlds and encodeControlValue has default parameter
     def __init__(self):
+        self.controlValue = 1
         self.controlType = "1.2.840.113556.1.4.529"
         self.criticality = False
         self.integerValue = 1
 
-    def encodeControlValue(self):
+    def encodeControlValue(self, value=None):
         return '0\x03\x02\x01\x01'
 
 class DomainValidator(object):
-- 
1.7.12

More information about the Freeipa-devel mailing list