[Freeipa-devel] [PATCH 0038] Fix generation of invalid OTP URIs

Alexander Bokovoy abokovoy at redhat.com
Sun Mar 23 21:17:53 UTC 2014 

On Mon, 10 Feb 2014, Nathaniel McCallum wrote:
>Patch attached.

>>From e7eac9997750ee1a8ce864746dbc6faa54de766b Mon Sep 17 00:00:00 2001
>From: Nathaniel McCallum <npmccallum at redhat.com>
>Date: Mon, 10 Feb 2014 12:07:51 -0500
>Subject: [PATCH] Fix generation of invalid OTP URIs
>
>---
> ipalib/plugins/otptoken.py | 9 +++++++++
> 1 file changed, 9 insertions(+)
>
>diff --git a/ipalib/plugins/otptoken.py b/ipalib/plugins/otptoken.py
>index 5a5d35d153e7b3698aeebe1e93831b48a8b8f91e..ff92efa11776171b09993060e0805c8ffa6806da 100644
>--- a/ipalib/plugins/otptoken.py
>+++ b/ipalib/plugins/otptoken.py
>@@ -202,6 +202,15 @@ class otptoken_add(LDAPCreate):
>     )
> 
>     def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
>+        # These are values we always want to write to LDAP. So if they are
>+        # specified as a value that evaluates to False (i.e. None), delete them
>+        # and fill in the defaults below.
>+        for attr in ('ipatokentotpclockoffset', 'ipatokentotptimestep',
>+                     'ipatokenotpalgorithm', 'ipatokenotpdigits',
>+                     'ipatokenotpkey'):
>+            if attr in entry_attrs and not entry_attrs[attr]:
>+                del entry_attrs[attr]
>+
>         # Set defaults. This needs to happen on the server side because we may
>         # have global configurable defaults in the near future.
>         options.setdefault('type', TOKEN_TYPES[0])
ACK.


Since this patch rotted a bit, attaching rebased version.

-- 
/ Alexander Bokovoy
-------------- next part --------------
>From c9d7909da5129b969a851913df48366d0e0a3f1f Mon Sep 17 00:00:00 2001
From: Nathaniel McCallum <npmccallum at redhat.com>
Date: Mon, 10 Feb 2014 12:07:51 -0500
Subject: [PATCH] Fix generation of invalid OTP URIs

---
 ipalib/plugins/otptoken.py | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/ipalib/plugins/otptoken.py b/ipalib/plugins/otptoken.py
index 9152539..8987c99 100644
--- a/ipalib/plugins/otptoken.py
+++ b/ipalib/plugins/otptoken.py
@@ -233,6 +233,15 @@ class otptoken_add(LDAPCreate):
     )
 
     def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
+        # These are values we always want to write to LDAP. So if they are
+        # specified as a value that evaluates to False (i.e. None), delete them
+        # and fill in the defaults below.
+        for attr in ('ipatokentotpclockoffset', 'ipatokentotptimestep',
+                     'ipatokenotpalgorithm', 'ipatokenotpdigits',
+                     'ipatokenotpkey'):
+            if attr in entry_attrs and not entry_attrs[attr]:
+                del entry_attrs[attr]
+
         # Set the object class and defaults for specific token types
         entry_attrs['objectclass'] = otptoken.object_class + ['ipatoken' + options['type']]
         for ttype, tattrs in TOKEN_TYPES.items():
-- 
1.8.5.3

More information about the Freeipa-devel mailing list