From 7f85b91ff7bc2a6018ec92cb51edfce7c3dfd8c2 Mon Sep 17 00:00:00 2001 From: William Brown Date: Oct 11 2017 15:24:23 +0000 Subject: Ticket 26 - improve lib389 sasl support Bug Description: Our sasl support was lacking, and in some cases didn't work due to entry issues. Fix Description: Improve the support for rootdse, reseting config values, and querying objects. https://pagure.io/lib389/issue/26 Author: wibrown Review by: spichugi, mreynolds (Thanks!) --- diff --git a/src/lib389/lib389/_mapped_object.py b/src/lib389/lib389/_mapped_object.py index 9ccf29d..49d0448 100644 --- a/src/lib389/lib389/_mapped_object.py +++ b/src/lib389/lib389/_mapped_object.py @@ -290,7 +290,8 @@ class DSLdapObject(DSLogging): if self._instance.state != DIRSRV_STATE_ONLINE: raise ValueError("Invalid state. Cannot get properties on instance that is not ONLINE") else: - return self._instance.getEntry(self._dn).getValuesSet(keys) + entry = self._instance.search_s(self._dn, ldap.SCOPE_BASE, attrlist=keys)[0] + return entry.getValuesSet(keys) def get_attr_vals(self, key): """Get an attribute's values from the dn""" @@ -301,7 +302,10 @@ class DSLdapObject(DSLogging): # In the future, I plan to add a mode where if local == true, we # can use get on dse.ldif to get values offline. else: - return self._instance.getEntry(self._dn).getValues(key) + # It would be good to prevent the entry code intercepting this .... + # We have to do this in this method, because else we ignore the scope base. + entry = self._instance.search_s(self._dn, ldap.SCOPE_BASE, attrlist=[key])[0] + return entry.getValues(key) def get_attr_val(self, key): """Get a single attribute value from the dn""" @@ -312,7 +316,8 @@ class DSLdapObject(DSLogging): # In the future, I plan to add a mode where if local == true, we # can use get on dse.ldif to get values offline. else: - return self._instance.getEntry(self._dn).getValue(key) + entry = self._instance.search_s(self._dn, ldap.SCOPE_BASE, attrlist=[key])[0] + return entry.getValue(key) # Duplicate, but with many values. IE a dict api. # This diff --git a/src/lib389/lib389/config.py b/src/lib389/lib389/config.py index 74e970a..53c8f48 100644 --- a/src/lib389/lib389/config.py +++ b/src/lib389/lib389/config.py @@ -97,6 +97,9 @@ class Config(DSLdapObject): self.set('nsslapd-accesslog-logbuffering', value) + def reset(self, key): + self.set(key, None, action=ldap.MOD_DELETE) + # THIS WILL BE SPLIT OUT TO ITS OWN MODULE def enable_ssl(self, secport=636, secargs=None): """Configure SSL support into cn=encryption,cn=config. diff --git a/src/lib389/lib389/rootdse.py b/src/lib389/lib389/rootdse.py index 8d3a6d1..e6d34e9 100644 --- a/src/lib389/lib389/rootdse.py +++ b/src/lib389/lib389/rootdse.py @@ -21,6 +21,9 @@ class RootDSE(DSLdapObject): super(RootDSE, self).__init__(instance=conn, batch=batch) self._dn = "" + def supported_sasl(self): + return self.get_attr_vals('supportedSASLMechanisms') + def supports_sasl_gssapi(self): return self.present("supportedSASLMechanisms", 'GSSAPI')