URL: https://github.com/freeipa/freeipa/pull/741 Author: stlaz Title: #741: 6.9 -> 7.4 migration fixes Action: synchronized
To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/741/head:pr741 git checkout pr741
From fddf366557e23806a5e05ba06c8471828c8daa7b Mon Sep 17 00:00:00 2001 From: Stanislav Laznicka <slazn...@redhat.com> Date: Thu, 27 Apr 2017 12:51:30 +0200 Subject: [PATCH 1/2] Refresh Dogtag RestClient.ca_host property Refresh the ca_host property of the Dogtag's RestClient class when it's requested as a context manager. This solves the problem which would occur on DL0 when installing CA against an old master which does not have port 8443 accessible. The setup tries to update the cert profiles via this port but fail. This operation should be performed against the local instance anyway. https://pagure.io/freeipa/issue/6878 --- ipaserver/plugins/dogtag.py | 34 ++++++++++++++++++++++------------ 1 file changed, 22 insertions(+), 12 deletions(-) diff --git a/ipaserver/plugins/dogtag.py b/ipaserver/plugins/dogtag.py index 3997531..2ac4674 100644 --- a/ipaserver/plugins/dogtag.py +++ b/ipaserver/plugins/dogtag.py @@ -1202,7 +1202,6 @@ def select_any_master(ldap2, service='CA'): import random from ipaserver.plugins import rabase from ipalib.constants import TYPE_ERROR -from ipalib.util import cachedproperty from ipalib import _ from ipaplatform.paths import paths @@ -1250,34 +1249,45 @@ def __init__(self, api): self.client_keyfile = paths.RA_AGENT_KEY super(RestClient, self).__init__(api) + self._ca_host = None # session cookie self.override_port = None self.cookie = None - @cachedproperty + @property def ca_host(self): """ - :return: host - as str + :returns: FQDN of a host hopefully providing a CA service - Select our CA host. + Select our CA host, cache it for the first time. """ + if self._ca_host is not None: + return self._ca_host + ldap2 = self.api.Backend.ldap2 if host_has_service(api.env.ca_host, ldap2, "CA"): - return api.env.ca_host - if api.env.host != api.env.ca_host: + self._ca_host = api.env.ca_host + elif api.env.host != api.env.ca_host: if host_has_service(api.env.host, ldap2, "CA"): - return api.env.host - host = select_any_master(ldap2) - if host: - return host + self._ca_host = api.env.host else: - return api.env.ca_host + self._ca_host = select_any_master(ldap2) + if self._ca_host is None: + self._ca_host = api.env.ca_host + return self._ca_host + + @ca_host.setter + def ca_host(self, value): + self._ca_host = value def __enter__(self): """Log into the REST API""" if self.cookie is not None: return + + # Refresh the ca_host property + self._ca_host = None + status, resp_headers, _resp_body = dogtag.https_request( self.ca_host, self.override_port or self.env.ca_agent_port, url='/ca/rest/account/login', From 6d7589e8654d11a7d73256d862ecad8168a5e4da Mon Sep 17 00:00:00 2001 From: Stanislav Laznicka <slazn...@redhat.com> Date: Fri, 28 Apr 2017 09:31:45 +0200 Subject: [PATCH 2/2] Remove the cachedproperty class The cachedproperty class was used in one special use-case where it only caused issues. Let's get rid of it. https://pagure.io/freeipa/issue/6878 --- ipalib/util.py | 34 ---------------------------------- 1 file changed, 34 deletions(-) diff --git a/ipalib/util.py b/ipalib/util.py index e9d4105..8973a19 100644 --- a/ipalib/util.py +++ b/ipalib/util.py @@ -34,7 +34,6 @@ import encodings import sys import ssl -from weakref import WeakKeyDictionary import netaddr from dns import resolver, rdatatype @@ -492,39 +491,6 @@ def remove_sshpubkey_from_output_list_post(context, entries): delattr(context, 'ipasshpubkey_added') -class cachedproperty(object): - """ - A property-like attribute that caches the return value of a method call. - - When the attribute is first read, the method is called and its return - value is saved and returned. On subsequent reads, the saved value is - returned. - - Typical usage: - class C(object): - @cachedproperty - def attr(self): - return 'value' - """ - __slots__ = ('getter', 'store') - - def __init__(self, getter): - self.getter = getter - self.store = WeakKeyDictionary() - - def __get__(self, obj, cls): - if obj is None: - return None - if obj not in self.store: - self.store[obj] = self.getter(obj) - return self.store[obj] - - def __set__(self, obj, value): - raise AttributeError("can't set attribute") - - def __delete__(self, obj): - raise AttributeError("can't delete attribute") - # regexp matching signed floating point number (group 1) followed by # optional whitespace followed by time unit, e.g. day, hour (group 7) time_duration_re = re.compile(r'([-+]?((\d+)|(\d+\.\d+)|(\.\d+)|(\d+\.)))\s*([a-z]+)', re.IGNORECASE)
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code