diff options
author | rcritten@redhat.com <rcritten@redhat.com> | 2007-10-03 17:37:13 -0400 |
---|---|---|
committer | rcritten@redhat.com <rcritten@redhat.com> | 2007-10-03 17:37:13 -0400 |
commit | 53e872fb72098a8c504613c0946cecfe31d5fab7 (patch) | |
tree | aa11252b777403e3d9cad75699ae24d900d069d8 /ipa-server/xmlrpc-server/funcs.py | |
parent | 1cef67e2e16ec137a1d04f9f4f99694ed36e3d28 (diff) | |
download | freeipa-53e872fb72098a8c504613c0946cecfe31d5fab7.tar.gz freeipa-53e872fb72098a8c504613c0946cecfe31d5fab7.tar.xz freeipa-53e872fb72098a8c504613c0946cecfe31d5fab7.zip |
Try to catch more error conditions during installation
Modify the way we detect SELinux to use selinuxenabled instead of using
a try/except.
Handle SASL/GSSAPI authentication failures when getting a connection
Diffstat (limited to 'ipa-server/xmlrpc-server/funcs.py')
-rw-r--r-- | ipa-server/xmlrpc-server/funcs.py | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/ipa-server/xmlrpc-server/funcs.py b/ipa-server/xmlrpc-server/funcs.py index 0f4850e9e..bf2cde4f4 100644 --- a/ipa-server/xmlrpc-server/funcs.py +++ b/ipa-server/xmlrpc-server/funcs.py @@ -69,7 +69,7 @@ class IPAConnPool: if conn is None: return # We can't re-use SASL connections. If proxydn is None it means - # we have a Kerberos credentails cache set. See ipaldap.set_krbccache + # we have a Kerberos credentials cache set. See ipaldap.set_krbccache if conn.proxydn is None: conn.unbind_s() else: @@ -168,7 +168,10 @@ class IPAServer: else: raise ipaerror.gen_exception(ipaerror.CONNECTION_NO_CCACHE) - conn = _LDAPPool.getConn(self.host,port,bindca,bindcert,bindkey,proxy_dn,krbccache,debug) + try: + conn = _LDAPPool.getConn(self.host,port,bindca,bindcert,bindkey,proxy_dn,krbccache,debug) + except ldap.INVALID_CREDENTIALS, e: + raise ipaerror.gen_exception(ipaerror.CONNECTION_GSSAPI_CREDENTIALS, nested_exception=e) if conn is None: raise ipaerror.gen_exception(ipaerror.CONNECTION_NO_CONN) |