From b74cae51e3bcad31371e52e762d2dfdeb893e961 Mon Sep 17 00:00:00 2001
From: Ade Lee <alee@redhat.com>
Date: Thu, 1 Nov 2018 17:37:51 -0400
Subject: [PATCH] Fix novajoin-ipa-setup to set logging correctly

In freeipa f62a0fdb904d2a4bb1961847e240dbb6df3b0b67 the IPA
client library was modified to remove the log_manager.  This patch
fixes the novajoin code for all versions of IPA.

See rhbz# 1644747

Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Co-Authored-By: Grzegorz Grasza <xek@redhat.com>
Change-Id: I2da12bedfc8790ebd1005c98f2e05953d127b3b9
---
 novajoin/configure_ipa.py                       | 12 ++++++++----
 novajoin/novajoin/tests/integration/test_ipa.py | 13 ++++++++-----
 scripts/novajoin-ipa-setup                      |  8 +++++---
 3 files changed, 21 insertions(+), 12 deletions(-)

diff --git a/novajoin/configure_ipa.py b/novajoin/configure_ipa.py
index ac8c358..ec5c890 100644
--- a/novajoin/configure_ipa.py
+++ b/novajoin/configure_ipa.py
@@ -155,8 +155,11 @@ class NovajoinRole(object):
             except Exception as e:
                 raise ConfigurationError("get_ca_certs() error: %s" % e)
 
-        certs = [x509.load_certificate(c[0], x509.DER) for c in certs
-                 if c[2] is not False]
+        if version.NUM_VERSION < 40600:
+            certs = [x509.load_certificate(c[0], x509.DER) for c in certs
+                     if c[2] is not False]
+        else:
+            certs = [c[0] for c in certs if c[2] is not False]
 
         return certs
 
@@ -200,8 +203,9 @@ class NovajoinRole(object):
         os.close(cafile_fd)
 
         ca_certs = self._get_ca_certs(server, realm)
-        ca_certs = [cert.public_bytes(serialization.Encoding.PEM)
-                    for cert in ca_certs]
+        if version.NUM_VERSION < 40600:
+            ca_certs = [cert.public_bytes(serialization.Encoding.PEM)
+                        for cert in ca_certs]
         x509.write_certificate_list(ca_certs, cafile_name)
 
         return cafile_name
diff --git a/novajoin/novajoin/tests/integration/test_ipa.py b/novajoin/novajoin/tests/integration/test_ipa.py
index e50cc06..74220e7 100644
--- a/novajoin/novajoin/tests/integration/test_ipa.py
+++ b/novajoin/novajoin/tests/integration/test_ipa.py
@@ -28,10 +28,8 @@ import testtools
 import time
 import uuid
 
-
-from ipapython.ipa_log_manager import log_mgr
-
 from ipalib import api
+from ipapython import version
 import six
 
 from novajoin import config
@@ -58,9 +56,14 @@ class TestIPAService(testtools.TestCase):
         CONF.keytab = '/tmp/test.keytab'
         super(TestIPAService, self).setUp()
         self.ipaclient = IPAClient()
+
         # suppress the Forwarding messages from ipa
-        console = log_mgr.get_handler('console')
-        console.setLevel(logging.WARN)
+        # This is not needed in versions newer than 4.7
+        if version.NUM_VERSION < 40600:
+            from ipapython.ipa_log_manager import log_mgr
+            console = log_mgr.get_handler('console')
+            console.setLevel(logging.WARN)
+
         if hostname is None:
             hostname = six.text_type(str(uuid.uuid4()) + '.' + api.env.domain)
         os.environ['KRB5_CONFIG'] = 'krb5.conf'
diff --git a/scripts/novajoin-ipa-setup b/scripts/novajoin-ipa-setup
index 3d63a91..03d9416 100755
--- a/scripts/novajoin-ipa-setup
+++ b/scripts/novajoin-ipa-setup
@@ -20,7 +20,6 @@ import shutil
 import sys
 from ipalib import api, errors
 from ipapython import version
-from ipapython.ipa_log_manager import log_mgr
 from novajoin import configure_ipa
 from novajoin.errors import ConfigurationError
 
@@ -67,8 +66,11 @@ if __name__ == '__main__':
                                 and opts.realm and opts.server)
 
     # suppress the Forwarding messages from ipa
-    console = log_mgr.get_handler('console')
-    console.setLevel(logging.WARN)
+    # This is not needed in versions newer than 4.7
+    if version.NUM_VERSION < 40600:
+        from ipapython.ipa_log_manager import log_mgr
+        console = log_mgr.get_handler('console')
+        console.setLevel(logging.WARN)
 
     novajoin = configure_ipa.NovajoinRole(user=opts.user,
                                           hostname=opts.hostname)