From 0ad0f4ba6cc54e44be5b49d67118087dee4851ea Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Mon, 22 Nov 2010 10:27:34 -0500
Subject: Catch when we fail to get a cert chain from the CA during
 installation

Also don't free the XML document if it was never created.

ticket 404
---
 ipapython/dogtag.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'ipapython')

diff --git a/ipapython/dogtag.py b/ipapython/dogtag.py
index 96d9469d..014127e0 100644
--- a/ipapython/dogtag.py
+++ b/ipapython/dogtag.py
@@ -37,6 +37,7 @@ def get_ca_certchain(ca_host=None):
     conn = httplib.HTTPConnection(ca_host, api.env.ca_port)
     conn.request("GET", "/ca/ee/ca/getCertChain")
     res = conn.getresponse()
+    doc = None
     if res.status == 200:
         data = res.read()
         conn.close()
@@ -53,7 +54,10 @@ def get_ca_certchain(ca_host=None):
                 except Exception, e:
                     raise errors.RemoteRetrieveError(reason="Retrieving CA cert chain failed: %s" % str(e))
         finally:
-            doc.unlink()
+            if doc:
+                doc.unlink()
+    else:
+        raise errors.RemoteRetrieveError(reason="request failed with HTTP status %d" % res.status)
 
     return chain
 
-- 
cgit