diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2011-06-29 15:01:18 -0400 |
|---|---|---|
| committer | Adam Young <ayoung@redhat.com> | 2011-07-01 21:01:22 -0400 |
| commit | 6ad7deb7ac1626caa37e60accdc492acfb88e4ba (patch) | |
| tree | 91291976e5f7865d2190a1014c1a7ae34fad3fe8 /ipapython | |
| parent | 3894a4f13d6e555e3d9c74bd4081d2690d58ad80 (diff) | |
| download | freeipa-6ad7deb7ac1626caa37e60accdc492acfb88e4ba.tar.gz freeipa-6ad7deb7ac1626caa37e60accdc492acfb88e4ba.tar.xz freeipa-6ad7deb7ac1626caa37e60accdc492acfb88e4ba.zip | |
Set the client auth callback after creating the SSL connection.
If we set the callback before calling connect() then if the connection
tries a network family type and fails, it will try other family types.
If this happens then the callback set on the first socket will be lost
when a new socket is created. There is no way to query for the callback
in an existing socket.
https://fedorahosted.org/freeipa/ticket/1349
Diffstat (limited to 'ipapython')
| -rw-r--r-- | ipapython/dogtag.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ipapython/dogtag.py b/ipapython/dogtag.py index 582971734..969535e4b 100644 --- a/ipapython/dogtag.py +++ b/ipapython/dogtag.py @@ -80,11 +80,11 @@ def https_request(host, port, url, secdir, password, nickname, **kw): "Accept": "text/plain"} try: conn = nsslib.NSSConnection(host, port, dbdir=secdir) + conn.set_debuglevel(0) + conn.connect() conn.sock.set_client_auth_data_callback(nsslib.client_auth_data_callback, nickname, password, nss.get_default_certdb()) - conn.set_debuglevel(0) - conn.connect() conn.request("POST", url, post, request_headers) res = conn.getresponse() |