[Freeipa-devel] [PATCHES] 225-230 Drop support for the legacy LDAP API
Petr Viktorin
pviktori at redhat.com
Mon Jan 20 11:23:45 UTC 2014
On 01/14/2014 11:31 AM, Jan Cholasta wrote:
> On 10.1.2014 16:02, Petr Viktorin wrote:
>> On 01/07/2014 01:54 PM, Jan Cholasta wrote:
>>> On 16.12.2013 14:45, Petr Viktorin wrote:
>>>> On 12/16/2013 10:22 AM, Jan Cholasta wrote:
>>>>> On 13.12.2013 15:16, Petr Viktorin wrote:
>>>>>> On 12/10/2013 04:05 PM, Jan Cholasta wrote:
>>>>>>> Hi,
>>>>>>>
>>>>>>> I believe the time has come to drop support for the legacy (dn,
>>>>>>> entry_attrs) tuple API and move to the new LDAPEntry API
>>>>>>> exclusively.
>>>>>>> The attached patches convert existing code which uses the old API to
>>>>>>> the
>>>>>>> new API and remove backward compatibility code from the ipaldap
>>>>>>> module.
>>>>>>>
>>>>>>> Note that there are still some functions/methods which accept
>>>>>>> separate
>>>>>>> dn and entry_attrs arguments, they will be adapted to LDAPEntry
>>>>>>> later.
>>>>>>>
>>>>>>> Honza
>>>>>>
>>>>>> The first N-1 patches can be tested,acked,pushed independently,
>>>>>> right?
>>>>>
>>>>> Yes.
>>>>>
>>>>>> If that's the case, ACK for 225
>>>>
>>>> Pushed that one to master, 5 more to go.
>>>> bc3f3381c6bf0b4941889b775025a60f56318551
>>>>
>>
>> 226 needs a rebase.
>>
>> 227: in install/tools/ipa-adtrust-install:
>>
>> + entry_attrs = conn.make_entry(
>> + dn,
>> + objectclass=['top', 'pkiuser', 'nscontainer'],
>> + usercertificate=cert)
>> + conn.add_entry(entry_attrs)
>>
>> Shouldn't it be `usercertificate=[cert]` now? Similarly in ra_cert, and
>> in ipa-server-install with ipacertificatesubjectbase
>>
>> Otherwise this looks good.
>>
>> 228: in ipaserver/install/plugins/update_idranges.py, again we should
>> use lists
>>
>> Otherwise it looks good
>>
>> 229: ACK
>>
>
> Rebased and fixed everything, updated patches attached.
Here, patch 226 breaks tests for selinuxusermap_enable/disable, at
least. The EmptyModlist and AlreadyActive/AlreadyInactive error is no
longer raised, since the previous entry state is no longer retrieved.
--
Petr³
More information about the Freeipa-devel
mailing list