summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMartin Kosek <mkosek@redhat.com>2013-03-14 14:36:39 +0100
committerMartin Kosek <mkosek@redhat.com>2013-03-21 16:12:12 +0100
commit1336b399065ff47477029ba487f1d392f1ce6ac8 (patch)
treeeed162002d25328b5d7c72da931d5f1b62b84609
parent6540eff4687bbc400e285a68936d8edf1895168e (diff)
downloadfreeipa-1336b399065ff47477029ba487f1d392f1ce6ac8.tar.gz
freeipa-1336b399065ff47477029ba487f1d392f1ce6ac8.tar.xz
freeipa-1336b399065ff47477029ba487f1d392f1ce6ac8.zip
Improve client install LDAP cert retrieval fallback
CA certificate retrieval function did not fallback from LDAP to HTTP based retrieval in case of an LDAP error, when for example GSSAPI authentication failed. https://fedorahosted.org/freeipa/ticket/3512
-rwxr-xr-xipa-client/ipa-install/ipa-client-install2
1 files changed, 1 insertions, 1 deletions
diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index fc8b6c855..f1b2c1887 100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -1624,7 +1624,7 @@ def get_ca_cert(fstore, options, server, basedn):
except Exception, e:
os.unlink(ca_file)
raise
- except errors.NoCertificateError, e:
+ except (errors.NoCertificateError, errors.LDAPError), e:
root_logger.debug(str(e))
url = http_url()
if existing_ca_cert: