[Freeipa-devel] [PATCH 0116] Refactoring of service autobind

Jan Cholasta jcholast at redhat.com
Thu Aug 28 12:01:36 UTC 2014


Hi,

On 27.8.2014 at 15:22, Martin Basti wrote:
> Patch attached.
>

1) Please rename object_exists to entry_exists.


2) Use empty attribute list in get_entry() in object_exists/entry_exists.


3) Please update LDAPObject.get_dn_if_exists() to use 
object_exists/entry_exists.


4) I'm not a fan of how do_bind() is laid out, IMHO something like this 
would be better (untested):

+    def do_bind(self, dm_password=None, autobind=AUTOBIND_AUTO, 
timeout=DEFAULT_TIMEOUT):
+        if dm_password:
+            self.do_simple_bind(bindpw=dm_password, timeout=timeout)
+            return
+
+        if autobind != AUTOBIND_DISABLED and os.getegid() == 0 and 
self.ldapi:
+            try:
+                # autobind
+                pw_name = pwd.getpwuid(os.geteuid()).pw_name
+                self.do_external_bind(pw_name, timeout=timeout)
+                return
+            except errors.NotFound:
+                if autobind == AUTOBIND_ENABLED:
+                    # autobind was required and failed, raise
+                    # exception that it failed
+                    raise
+
+        # Fall back
+        self.do_sasl_gssapi_bind(timeout=timeout)
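
Review bot: the autobind condition tests `os.getegid() == 0`, but the bind identity a few lines below is taken from `pwd.getpwuid(os.geteuid())`, so the gate checks the effective group while the lookup uses the effective user. The two can differ; if the intent is "running as root", test `os.geteuid() == 0` so the check and the lookup agree. Separately, when `autobind == AUTOBIND_ENABLED` but the process is not root or `self.ldapi` is false, the `if` is skipped and control reaches `do_sasl_gssapi_bind()` without any error, whereas the comment in the `except` branch says a required autobind that fails should raise. Consider raising in that case as well, and adding a docstring that states the order of precedence (password, then autobind, then GSSAPI).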


Honza

-- 
Jan Cholasta



