Fix two problems with ipa-replica-prepare

1. Fix a unicode() problem creating the DNS entries
2. Fix a strange NSS error when generating the certificates against
   a dogtag server.

The NSS errors are quite strange. When generating the first certificate
nss_shutdown() fails because the database isn't initialized yet but
nss_is_initialized() returned True. The second pass fails because
something is in use.

2 files changed, 6 insertions, 2 deletions

diff --git a/install/tools/ipa-replica-prepare b/install/tools/ipa-replica-prepare
index 1b643099..f0661a37 100755
--- a/install/tools/ipa-replica-prepare
+++ b/install/tools/ipa-replica-prepare
@@ -267,7 +267,7 @@ def main():
 
     if not options.ip_address:
         try:
-            api.Command['dns_resolve'](replica_fqdn)
+            api.Command['dns_resolve'](replica_fqdn.decode('utf-8'))
         except errors.NotFound:
             sys.exit("Neither an A nor AAAA record for host '%s' does not exist in DNS.\nUse the --ip-address option to add DNS entries for the replica." % replica_fqdn)
 
diff --git a/ipapython/nsslib.py b/ipapython/nsslib.py
index 129f1a0c..fad65a37 100644
--- a/ipapython/nsslib.py
+++ b/ipapython/nsslib.py
@@ -126,7 +126,11 @@ class NSSConnection(httplib.HTTPConnection):
         if nss.nss_is_initialized():
             # close any open NSS database and use the new one
             ssl.clear_session_cache()
-            nss.nss_shutdown()
+            try:
+                nss.nss_shutdown()
+            except NSPRError, e:
+                # FIXME: errors shouldn't be raised here
+                logging.debug('nss_shutdown: %s', str(e))
         nss.nss_init(dbdir)
         ssl.set_domestic_policy()
         nss.set_password_callback(self.password_callback)