From 81916b45285e79e0134b18238ef5fc98ab2f3d63 Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Fri, 26 Apr 2019 11:53:33 +0200
Subject: [PATCH] ipaclient_api: Do not use version numbers for backward
compatibility checks
The use of version numbers for backward compatibility checks is not
optimal because the version number is not changed if changes are back
ported. The version dependant check has been replaced with an inspect
argspec check.
---
roles/ipaclient/library/ipaclient_api.py | 19 ++++++++++---------
1 file changed, 10 insertions(+), 9 deletions(-)
diff --git a/roles/ipaclient/library/ipaclient_api.py b/roles/ipaclient/library/ipaclient_api.py
index 01aa26cc..284bbb41 100644
--- a/roles/ipaclient/library/ipaclient_api.py
+++ b/roles/ipaclient/library/ipaclient_api.py
@@ -123,19 +123,20 @@ def main():
# Add CA certs to a temporary NSS database
try:
- if NUM_VERSION > 40404:
+ argspec = inspect.getargspec(tmp_db.create_db)
+ if "password_filename" not in argspec.args:
tmp_db.create_db()
-
- for i, cert in enumerate(ca_certs):
- tmp_db.add_cert(cert,
- 'CA certificate %d' % (i + 1),
- certdb.EXTERNAL_CA_TRUST_FLAGS)
else:
pwd_file = write_tmp_file(ipa_generate_password())
tmp_db.create_db(pwd_file.name)
-
- for i, cert in enumerate(ca_certs):
- tmp_db.add_cert(cert, 'CA certificate %d' % (i + 1), 'C,,')
+ for i, cert in enumerate(ca_certs):
+ if hasattr(certdb, "EXTERNAL_CA_TRUST_FLAGS"):
+ tmp_db.add_cert(cert,
+ 'CA certificate %d' % (i + 1),
+ certdb.EXTERNAL_CA_TRUST_FLAGS)
+ else:
+ tmp_db.add_cert(cert, 'CA certificate %d' % (i + 1),
+ 'C,,')
except CalledProcessError as e:
module.fail_json(msg="Failed to add CA to temporary NSS database.")
--
GitLab