The function convert_error(), convert_exception() used to convert an LDAP exception is defined multiple places due to cut-n-paste. There should only be one definition of the function, that has been done, it's located in /ipapython/ipautil.py as the function convert_ldap_error(). That function has been enhanced to be a bit more robust the original cut-n-paste copies. The other copies of convert_error and convert_exception should be removed and the version in ipapython.ipautil should be used instead.
At the same time it was noticed that the constant CACERT (/etc/ipa/ca.crt) is defined in multiple places. Sometimes /etc/ipa/ca.crt is simply hard-coded. There should be exactly one definition of this constant (in constants.py?), the duplicate definitions should be removed and the global value imported, any hard-coded /etc/ipa/ca.crt should be replaced with the constant.
Note: the ipapython.ipautil version of ldap_convert_error was added in a security update which as not yet been committed to master but will be soon.
Instead of ipautil.convert_error we should use our LDAP wrapper (ipaldap). It provides value conversion, common connection code and other helpers that are currently reimplemented or cut-n-pasted where needed.
It would have to be moved to ipalib so that client-install can use it.
Metadata Update from @jdennis: - Issue assigned to someone - Issue set to the milestone: Ticket Backlog
This is no longer applicable, things are done very differently now.
Metadata Update from @rcritten: - Issue close_status updated to: invalid - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.