summaryrefslogtreecommitdiffstats
path: root/ipapython
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2010-07-26 17:54:38 -0400
committerRob Crittenden <rcritten@redhat.com>2010-08-16 10:35:27 -0400
commit1df10a88cd8b36be8b9b4d47c49dd9e7d1d12bc0 (patch)
tree965da3c4c157e0aaba6b876b578ebcf8a7dc190d /ipapython
parent3e6f0f5721f76977475792f09758f6b8dcc4ed4e (diff)
downloadfreeipa-1df10a88cd8b36be8b9b4d47c49dd9e7d1d12bc0.tar.gz
freeipa-1df10a88cd8b36be8b9b4d47c49dd9e7d1d12bc0.tar.xz
freeipa-1df10a88cd8b36be8b9b4d47c49dd9e7d1d12bc0.zip
Add support for client failover to the ipa command-line.
This adds a new global option to the ipa command, -f/--no-fallback. If this is included then just the server configured in /etc/ipa/default.conf is used. Otherwise that is tried first then all servers in DNS with the ldap SRV record are tried. Create a new Local() Command class for local-only commands. The help command is one of these. It shouldn't need a remote connection to execute. ticket #15
Diffstat (limited to 'ipapython')
-rw-r--r--ipapython/nsslib.py14
1 files changed, 14 insertions, 0 deletions
diff --git a/ipapython/nsslib.py b/ipapython/nsslib.py
index 7e249b3ba..f7891768f 100644
--- a/ipapython/nsslib.py
+++ b/ipapython/nsslib.py
@@ -161,6 +161,20 @@ class NSSConnection(httplib.HTTPConnection):
logging.debug("connect: %s", net_addr)
self.sock.connect(net_addr)
+ def endheaders(self):
+ """
+ Explicitly close the connection if an error is returned after the
+ headers are sent. This will likely mean the initial SSL handshake
+ failed. If this isn't done then the connection is never closed and
+ subsequent NSS activities will fail with a BUSY error.
+ """
+ try:
+ # FIXME: httplib uses old-style classes so super doesn't work
+ httplib.HTTPConnection.endheaders(self)
+ except NSPRError, e:
+ self.close()
+ raise e
+
class NSSHTTPS(httplib.HTTP):
# We would like to use HTTP 1.1 not the older HTTP 1.0 but xmlrpclib
# and httplib do not play well together. httplib when the protocol