From 28595ab71004a9e12ba1436d2d3ee4f4cff9e5b0 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Wed, 19 Jun 2024 13:38:05 -0500
Subject: [PATCH] Move authdb methods into PKIDeployer
---
 .../python/pki/server/deployment/__init__.py | 29 ++++++++++++++++++
 .../python/pki/server/deployment/pkiparser.py | 30 -------------------
 base/server/python/pki/server/pkispawn.py | 4 +--
 3 files changed, 31 insertions(+), 32 deletions(-)
diff --git a/base/server/python/pki/server/deployment/__init__.py b/base/server/python/pki/server/deployment/__init__.py
index 546218f69fa..9b2cd06d109 100644
--- a/base/server/python/pki/server/deployment/__init__.py
+++ b/base/server/python/pki/server/deployment/__init__.py
@@ -144,6 +144,8 @@ def __init__(self):
 self.startup_timeout = None
 self.request_timeout = None
+ self.authdb_url = None
+
 self.force = False
 self.remove_conf = False
 self.remove_logs = False
@@ -223,6 +225,33 @@ def ds_init(self):
 self.mdict['pki_ds_secure_connection_ca_pem_file'])
 ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_DEMAND)
+ def authdb_init(self):
+
+ hostname = self.mdict['pki_authdb_hostname']
+ port = self.mdict['pki_authdb_port']
+
+ if config.str2bool(self.mdict['pki_authdb_secure_conn']):
+ scheme = 'ldaps'
+ else:
+ scheme = 'ldap'
+
+ self.authdb_url = scheme + '://' + hostname + ':' + port
+
+ def authdb_base_dn_exists(self):
+ try:
+ connection = ldap.initialize(self.authdb_url)
+ results = connection.search_s(
+ self.mdict['pki_authdb_basedn'],
+ ldap.SCOPE_BASE)
+
+ if results is None or len(results) == 0:
+ return False
+
+ return True
+
+ except ldap.NO_SUCH_OBJECT:
+ return False
+
 def init_logger(self, filename):
 pki_logger = logging.getLogger('pki')
diff --git a/base/server/python/pki/server/deployment/pkiparser.py b/base/server/python/pki/server/deployment/pkiparser.py
index c1d8269eb40..916e5144b02 100644
--- a/base/server/python/pki/server/deployment/pkiparser.py
+++ b/base/server/python/pki/server/deployment/pkiparser.py
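Review bot: In `deployment/__init__.py`, `authdb_base_dn_exists()` creates a new handle with `ldap.initialize(self.authdb_url)` on every call and never releases it, so each pass through the caller in `pkispawn.py` (the `break` there suggests a retry loop) can leave an LDAP connection open until the object is collected; release it in a `finally` as sketched below. `self.authdb_url` is still `None` unless `authdb_init()` ran first, so the method should either guard against that or document the required call order in a docstring. When `pki_authdb_secure_conn` selects `ldaps`, nothing in this hunk sets a CA file or `OPT_X_TLS_REQUIRE_CERT` for the authdb connection the way the `ds_init()` context lines do for the directory server, so certificate verification here appears to depend on process-wide or system libldap settings, which is worth confirming.

```python
    def authdb_base_dn_exists(self):
        connection = ldap.initialize(self.authdb_url)
        try:
            results = connection.search_s(
                self.mdict['pki_authdb_basedn'],
                ldap.SCOPE_BASE)
            return bool(results)
        except ldap.NO_SUCH_OBJECT:
            return False
        finally:
            # release the handle on every path, including other LDAPError types
            connection.unbind_s()
```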
@@ -24,7 +24,6 @@
 import argparse
 import getpass
 import json
-import ldap
 import logging
 import os
 import string
@@ -304,7 +303,6 @@ def __init__(self, description, epilog, deployer=None):
 help='Run in debug mode')
 self.indent = 0
- self.authdb_connection = None
 self.mdict = deployer.mdict
@@ -619,34 +617,6 @@ def validate_user_config(self, filename):
 logger.warning(message)
- def authdb_connect(self):
-
- hostname = self.mdict['pki_authdb_hostname']
- port = self.mdict['pki_authdb_port']
-
- if config.str2bool(self.mdict['pki_authdb_secure_conn']):
- protocol = 'ldaps'
- else:
- protocol = 'ldap'
-
- self.authdb_connection = ldap.initialize(
- protocol + '://' + hostname + ':' + port)
- self.authdb_connection.search_s('', ldap.SCOPE_BASE)
-
- def authdb_base_dn_exists(self):
- try:
- results = self.authdb_connection.search_s(
- self.mdict['pki_authdb_basedn'],
- ldap.SCOPE_BASE)
-
- if results is None or len(results) == 0:
- return False
-
- return True
-
- except ldap.NO_SUCH_OBJECT:
- return False
-
 def get_server_status(self, system_type, system_uri):
 parse = urlparse(self.mdict[system_uri])
 # Because this is utilized exclusively during pkispawn, we can safely
diff --git a/base/server/python/pki/server/pkispawn.py b/base/server/python/pki/server/pkispawn.py
index 5be896243c2..7919d3a52f7 100644
--- a/base/server/python/pki/server/pkispawn.py
+++ b/base/server/python/pki/server/pkispawn.py
@@ -492,8 +492,8 @@ def main(argv):
 deployer.set_property('pki_authdb_basedn', basedn)
 try:
- parser.authdb_connect()
- if parser.authdb_base_dn_exists():
+ deployer.authdb_init()
+ if deployer.authdb_base_dn_exists():
 break
 else:
 parser.print_text('ERROR: base DN does not exist')