[Freeipa-devel] [PATCH] 326 Improve compatibility of LDAP rename_s call

Rob Crittenden rcritten at redhat.com
Fri Oct 26 16:59:17 UTC 2012 

Martin Kosek wrote:
> On 10/25/2012 04:20 PM, Jan Cholasta wrote:
>> Hi,
>>
>> On 25.10.2012 16:16, Martin Kosek wrote:
>>> On 10/25/2012 03:18 PM, Rob Crittenden wrote:
>>>> Petr Viktorin wrote:
>>>>> On 10/24/2012 08:47 PM, Rob Crittenden wrote:
>>>>>> Martin Kosek wrote:
>>>>>>> python-ldap of version 2.3.10 and lower does not support serverctrls
>>>>>>> and clientctrls options. This makes every rename operation in IPA
>>>>>>> to crash with Internal Error.
>>>>>>>
>>>>>>> Make sure that we respect the difference between both versions in
>>>>>>> our LDAP module and do not pass serverctrls and clientctrls when
>>>>>>> they are not supported. NotImplementedException is raised when the
>>>>>>> options are used with this version.
>>>>>>>
>>>>>>> https://fedorahosted.org/freeipa/ticket/3199
>>>>>>
>>>>>> This may be overkill, but would it be better to use introspection to
>>>>>> determine if the arguments are supported?
>>>>>>
>>>>>> import ldap
>>>>>> import inspect
>>>>>> signature = inspect.getargspec(ldap.ldapobject.LDAPObject.rename_s)
>>>>>> if 'serverctrls' in signature.args:
>>>>>>        _EXTENDED_RENAME_S = True
>>>>>> else:
>>>>>>        _EXTENDED_RENAME_S = False
>>>>>>
>>>>>> rob
>>>>>>
>>>>>
>>>>> Yes, I believe that would be overkill. If the module exports its
>>>>> version, why not use it.
>>>>
>>>> The reason is in RHEL patches are often backported w/o the version being
>>>> affected so merely checking versions may not be sufficient.
>>>>
>>>>> A simpler solution would be that our wrapper would just not use the
>>>>> extra arguments at all. We're technically wrapping the old version (or
>>>>> better) of python-ldap, so I don't see why it would hurt.
>>>>> It would also have the advantage that we couldn't use the extra
>>>>> arguments in our code, as opposed to getting errors when someone happens
>>>>> to try with the old version.
>>>>>
>>>>
>>>> Yes, this would work in this rename case.
>>>>
>>>> rob
>>>
>>> Ok, I took this path with my patch too. Tested with Fedora 17 + RHEL-6.
>>>
>>> Martin
>>>
>>
>> There's a typo: "NOTICE: python-ldap of version 2.3.10 and lower does not
>> support serverctrls and clientctrls *fir* rename_s operation".
>>
>> Honza
>>
>
> You have more keen eyes that I do :-) Fixed patch attached.
>
> Martin
>

ACK, pushed to master and ipa-3-0

ro

More information about the Freeipa-devel mailing list