diff options
author | Rob Crittenden <rcritten@redhat.com> | 2010-07-26 17:54:38 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2010-08-16 10:35:27 -0400 |
commit | 1df10a88cd8b36be8b9b4d47c49dd9e7d1d12bc0 (patch) | |
tree | 965da3c4c157e0aaba6b876b578ebcf8a7dc190d /ipapython | |
parent | 3e6f0f5721f76977475792f09758f6b8dcc4ed4e (diff) | |
download | freeipa-1df10a88cd8b36be8b9b4d47c49dd9e7d1d12bc0.tar.gz freeipa-1df10a88cd8b36be8b9b4d47c49dd9e7d1d12bc0.tar.xz freeipa-1df10a88cd8b36be8b9b4d47c49dd9e7d1d12bc0.zip |
Add support for client failover to the ipa command-line.
This adds a new global option to the ipa command, -f/--no-fallback. If this
is included then just the server configured in /etc/ipa/default.conf is used.
Otherwise that is tried first then all servers in DNS with the ldap SRV record
are tried.
Create a new Local() Command class for local-only commands. The help
command is one of these. It shouldn't need a remote connection to execute.
ticket #15
Diffstat (limited to 'ipapython')
-rw-r--r-- | ipapython/nsslib.py | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/ipapython/nsslib.py b/ipapython/nsslib.py index 7e249b3ba..f7891768f 100644 --- a/ipapython/nsslib.py +++ b/ipapython/nsslib.py @@ -161,6 +161,20 @@ class NSSConnection(httplib.HTTPConnection): logging.debug("connect: %s", net_addr) self.sock.connect(net_addr) + def endheaders(self): + """ + Explicitly close the connection if an error is returned after the + headers are sent. This will likely mean the initial SSL handshake + failed. If this isn't done then the connection is never closed and + subsequent NSS activities will fail with a BUSY error. + """ + try: + # FIXME: httplib uses old-style classes so super doesn't work + httplib.HTTPConnection.endheaders(self) + except NSPRError, e: + self.close() + raise e + class NSSHTTPS(httplib.HTTP): # We would like to use HTTP 1.1 not the older HTTP 1.0 but xmlrpclib # and httplib do not play well together. httplib when the protocol |