This is an automated email from the git hooks/post-receive script.
spichugi pushed a commit to branch master in repository lib389.
commit ffa0af5f5ff9fda503af773f6c4d5cffaeddc1ef Author: William Brown firstyear@redhat.com Date: Mon Jun 5 15:12:39 2017 +1000
Ticket 63 - lib389 python 3 fix
Bug Description: In def open for python 3 we introduced a bynes vs str issue in tls setopt
Fix Description: wrap the offending code in ensure str
https://pagure.io/lib389/issue/63
Author: wibrown
Review by: ??? --- lib389/__init__.py | 6 +++--- lib389/_entry.py | 2 +- lib389/idm/user.py | 2 +- lib389/nss_ssl.py | 4 +++- 4 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/lib389/__init__.py b/lib389/__init__.py index d96a937..9e2465f 100644 --- a/lib389/__init__.py +++ b/lib389/__init__.py @@ -1034,12 +1034,12 @@ class DirSrv(SimpleLDAPObject, object): if userkey is not None: # Note this sets LDAP.OPT not SELF. Because once self has opened # it can NOT change opts AT ALL. - ldap.set_option(ldap.OPT_X_TLS_KEYFILE, userkey) + ldap.set_option(ldap.OPT_X_TLS_KEYFILE, ensure_str(userkey)) log.debug("Using user private key %s" % userkey) if usercert is not None: # Note this sets LDAP.OPT not SELF. Because once self has opened # it can NOT change opts AT ALL. - ldap.set_option(ldap.OPT_X_TLS_CERTFILE, usercert) + ldap.set_option(ldap.OPT_X_TLS_CERTFILE, ensure_str(usercert)) log.debug("Using user certificate %s" % usercert)
if certdir is not None: @@ -1048,7 +1048,7 @@ class DirSrv(SimpleLDAPObject, object): """ # Note this sets LDAP.OPT not SELF. Because once self has opened # it can NOT change opts AT ALL. - ldap.set_option(ldap.OPT_X_TLS_CACERTDIR, certdir) + ldap.set_option(ldap.OPT_X_TLS_CACERTDIR, ensure_str(certdir)) log.debug("Using external ca certificate %s" % certdir)
if certdir or starttls: diff --git a/lib389/_entry.py b/lib389/_entry.py index 5b7aaec..cf04817 100644 --- a/lib389/_entry.py +++ b/lib389/_entry.py @@ -185,7 +185,7 @@ class Entry(object): return val == self.data.get(name) if isinstance(val, tuple): return list(val) == self.data.get(name) - return val in self.data.get(name) + return ensure_bytes(val) in self.data.get(name)
def hasValueCase(self, name, val): """ diff --git a/lib389/idm/user.py b/lib389/idm/user.py index 66a72cf..965d0be 100644 --- a/lib389/idm/user.py +++ b/lib389/idm/user.py @@ -53,7 +53,7 @@ class UserAccount(Account): self._protected = False
def _validate(self, rdn, properties, basedn): - if properties.has_key('ntUserDomainId') and 'ntUser' not in self._create_objectclasses: + if 'ntUserDomainId' in properties and 'ntUser' not in self._create_objectclasses: self._create_objectclasses.append('ntUser')
return super(UserAccount, self)._validate(rdn, properties, basedn) diff --git a/lib389/nss_ssl.py b/lib389/nss_ssl.py index 05ddbfc..90e78f9 100644 --- a/lib389/nss_ssl.py +++ b/lib389/nss_ssl.py @@ -19,6 +19,8 @@ import socket from subprocess import check_call, check_output from lib389.passwd import password_generate
+from lib389.utils import ensure_str, ensure_bytes + KEYBITS = 4096 CA_NAME = 'Self-Signed-CA' CERT_NAME = 'Server-Cert' @@ -139,7 +141,7 @@ class NssSsl(object): ] certdetails = check_output(cmd) with open('%s/ca.crt' % self.dirsrv.get_cert_dir(), 'w') as f: - f.write(certdetails) + f.write(ensure_str(certdetails)) if os.path.isfile('/usr/sbin/cacertdir_rehash'): check_output(['/usr/sbin/cacertdir_rehash', self.dirsrv.get_cert_dir()]) return True