diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2012-10-17 16:58:54 -0400 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2012-10-24 15:07:53 -0400 |
| commit | fb7575d6b77c1d85539c8e71b7fa931e758704d3 (patch) | |
| tree | d876198c0b025085625f0f84dfd8a665a458f960 | |
| parent | 445744206b92787e82057ca56062076ccf9d7dfe (diff) | |
| download | freeipa-fb7575d6b77c1d85539c8e71b7fa931e758704d3.tar.gz freeipa-fb7575d6b77c1d85539c8e71b7fa931e758704d3.tar.xz freeipa-fb7575d6b77c1d85539c8e71b7fa931e758704d3.zip | |
Close connection after each request, avoid NSS shutdown problem.
The unit tests were failing when executed against an Apache server
in F-18 due to dangling references causing NSS shutdown to fail.
https://fedorahosted.org/freeipa/ticket/3180
| -rw-r--r-- | ipalib/rpc.py | 29 | ||||
| -rw-r--r-- | ipapython/nsslib.py | 6 |
2 files changed, 30 insertions, 5 deletions
diff --git a/ipalib/rpc.py b/ipalib/rpc.py index e97536d9d..c555105f6 100644 --- a/ipalib/rpc.py +++ b/ipalib/rpc.py @@ -257,16 +257,24 @@ class SSLTransport(LanguageAwareTransport): # If we an existing connection exists using the same NSS database # there is no need to re-initialize. Pass thsi into the NSS # connection creator. + if sys.version_info >= (2, 7): + if self._connection and host == self._connection[0]: + return self._connection[1] + dbdir = '/etc/pki/nssdb' no_init = self.__nss_initialized(dbdir) - (major, minor, micro, releaselevel, serial) = sys.version_info - if major == 2 and minor < 7: + if sys.version_info < (2, 7): conn = NSSHTTPS(host, 443, dbdir=dbdir, no_init=no_init) else: conn = NSSConnection(host, 443, dbdir=dbdir, no_init=no_init) self.dbdir=dbdir + conn.connect() - return conn + if sys.version_info < (2, 7): + return conn + else: + self._connection = host, conn + return self._connection[1] class KerbTransport(SSLTransport): @@ -331,6 +339,12 @@ class KerbTransport(SSLTransport): return (host, extra_headers, x509) + def single_request(self, host, handler, request_body, verbose=0): + try: + return SSLTransport.single_request(self, host, handler, request_body, verbose) + finally: + self.close() + def parse_response(self, response): session_cookie = response.getheader('Set-Cookie') if session_cookie: @@ -371,7 +385,8 @@ class xmlclient(Connectible): """ if not hasattr(self.conn, '_ServerProxy__transport'): return None - if type(self.conn._ServerProxy__transport) in (KerbTransport, DelegatedKerbTransport): + if (isinstance(self.conn._ServerProxy__transport, KerbTransport) or + isinstance(self.conn._ServerProxy__transport, DelegatedKerbTransport)): scheme = "https" else: scheme = "http" @@ -493,7 +508,11 @@ class xmlclient(Connectible): return serverproxy def destroy_connection(self): - pass + if sys.version_info >= (2, 7): + conn = getattr(context, self.id, None) + if conn is not None: + conn = conn.conn._ServerProxy__transport + conn.close() def forward(self, name, *args, **kw): """ diff --git a/ipapython/nsslib.py b/ipapython/nsslib.py index 06bcba648..7afccd568 100644 --- a/ipapython/nsslib.py +++ b/ipapython/nsslib.py @@ -238,6 +238,12 @@ class NSSConnection(httplib.HTTPConnection, NSSAddressFamilyFallback): def connect(self): self.connect_socket(self.host, self.port) + def close(self): + """Close the connection to the HTTP server.""" + if self.sock: + self.sock.close() # close it manually... there may be other refs + self.sock = None + def endheaders(self, message=None): """ Explicitly close the connection if an error is returned after the |