[Freeipa-devel] [PATCH 0056] Add otptoken-sync command

Thu Jun 26 11:02:44 UTC 2014

On Wed, 25 Jun 2014, Nathaniel McCallum wrote:
>On Wed, 2014-06-25 at 13:18 +0300, Alexander Bokovoy wrote:
>> On Tue, 24 Jun 2014, Nathaniel McCallum wrote:
>> >On Tue, 2014-06-03 at 09:18 -0400, Nathaniel McCallum wrote:
>> >> On Tue, 2014-06-03 at 10:27 +0200, Petr Vobornik wrote:
>> >> > On 3.6.2014 05:08, Nathaniel McCallum wrote:
>> >> > > This command calls the token sync HTTP POST call in the server providing
>> >> > > the CLI interface to synchronization.
>> >> > >
>> >> > > https://fedorahosted.org/freeipa/ticket/4260
>> >> > >
>> >> > > This patch depends on my patch #0055.
>> >> > >
>> >> >
>> >> > Build fails on validation. You forgot to update API.txt and also the
>> >> > command misses __doc__.
>> >> >
>> >> > (not a proper review)
>> >>
>> >> Thanks, fixed.
>> >
>> >Attached is a new revision which is rebased on master.
>> >
>> >In addition it:
>> >
>> >1. Moves user to a parameter and moves token to an argument. Doing it
>> >this way both mirrors the existing otptoken APIs and sets us up for
>> >future Kerberos based syncing where the username/password will be
>> >optional.
>> >
>> >2. Converts the token ID to a DN.
>> ACK.
>>
>> Please do not commit this patch yet, we are not done with its
>> dependencies.
>
>As discussed off list, we also needed to verify the certificate so that
>passwords were not sent in the clear to a MITM. This has now been
>implemented. VERSION is bumped and ./makeapi was run. This patch is also
>rebased on top of my patch 0058 (which is already ACK'd), so 0058 needs
>to be merged before this patch (0056).
Right. There is one small fix that need to be squashed prior to
committing as pylint cannot get insights into function states.

The patch attached. With it, ACK.

-- 
/ Alexander Bokovoy
-------------- next part --------------
>From b1e75c884fd5303dce038e4f3dc6158d93785671 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy at redhat.com>
Date: Thu, 26 Jun 2014 13:16:47 +0300
Subject: [PATCH 4/4] fixup! Add otptoken-sync command

---
 ipalib/plugins/otptoken.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ipalib/plugins/otptoken.py b/ipalib/plugins/otptoken.py
index 46ad77a..7b9e256 100644
--- a/ipalib/plugins/otptoken.py
+++ b/ipalib/plugins/otptoken.py
@@ -394,7 +394,7 @@ class otptoken_remove_managedby(LDAPRemoveMember):
 class HTTPSConnection(httplib.HTTPConnection):
     "Generates an SSL HTTP connection that performs hostname validation."
 
-    ssl_kwargs = ssl.wrap_socket.func_code.co_varnames[1:ssl.wrap_socket.func_code.co_argcount]
+    ssl_kwargs = ssl.wrap_socket.func_code.co_varnames[1:ssl.wrap_socket.func_code.co_argcount] #pylint: disable=E1101
     default_port = httplib.HTTPS_PORT
 
     def __init__(self, host, **kwargs):
-- 
1.9.3

