From 7b7160452130a203622a7b0fd30e984add87ed87 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Thu, 17 Feb 2011 22:53:53 -0500
Subject: Fix NSS initialization errors during ipa-replica-prepare

When enabling replication we make an SSL connection. I think the way
this goes is python-ldap -> openldap -> NSS. It may be a problem in
the openldap SSL client, maybe it isn't calling NSS_Shutdown(). In any
case if we use ldapi instead the problem goes away.

Back out the temporary code to ignore nss_shutdown errors.

ticket 965
---
 ipapython/nsslib.py | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

(limited to 'ipapython/nsslib.py')

diff --git a/ipapython/nsslib.py b/ipapython/nsslib.py
index fad65a373..129f1a0c5 100644
--- a/ipapython/nsslib.py
+++ b/ipapython/nsslib.py
@@ -126,11 +126,7 @@ class NSSConnection(httplib.HTTPConnection):
         if nss.nss_is_initialized():
             # close any open NSS database and use the new one
             ssl.clear_session_cache()
-            try:
-                nss.nss_shutdown()
-            except NSPRError, e:
-                # FIXME: errors shouldn't be raised here
-                logging.debug('nss_shutdown: %s', str(e))
+            nss.nss_shutdown()
         nss.nss_init(dbdir)
         ssl.set_domestic_policy()
         nss.set_password_callback(self.password_callback)
-- 
cgit