custodia: force reconnect before retrieving CA certs from LDAP

Force reconnect to LDAP as DS might have been restarted after the connection was opened, rendering the connection invalid. This fixes a crash in ipa-replica-install with --setup-ca. https://fedorahosted.org/freeipa/ticket/6207 Reviewed-By: Martin Basti <mbasti@redhat.com>
author: Jan Cholasta <jcholast@redhat.com> 2016-09-01 10:32:18 +0200
committer: Martin Basti <mbasti@redhat.com> 2016-09-01 13:11:09 +0200
commit: 17ea4ae6b9007e121ae1ea7748643394fec84ad7 (patch)
tree: 357658616b12041bb3548de87536df56126ead19 /ipaserver/install/custodiainstance.py
parent: dd02741896844a6e14d60f267d9b1cb27b039241 (diff)
download: freeipa-17ea4ae6b9007e121ae1ea7748643394fec84ad7.tar.gz
freeipa-17ea4ae6b9007e121ae1ea7748643394fec84ad7.tar.xz
freeipa-17ea4ae6b9007e121ae1ea7748643394fec84ad7.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/ipaserver/install/custodiainstance.py b/ipaserver/install/custodiainstance.py
index 18bd51426..32740274c 100644
--- a/ipaserver/install/custodiainstance.py
+++ b/ipaserver/install/custodiainstance.py
@@ -158,6 +158,8 @@ class CustodiaInstance(SimpleServiceInstance):
             # Add CA certificates
             tmpdb = CertDB(self.realm, nssdir=tmpnssdir)
             self.suffix = ipautil.realm_to_suffix(self.realm)
+            if self.admin_conn is not None:
+                self.ldap_disconnect()
             self.import_ca_certs(tmpdb, True)
 
             # Now that we gathered all certs, re-export
author	Jan Cholasta <jcholast@redhat.com>	2016-09-01 10:32:18 +0200
committer	Martin Basti <mbasti@redhat.com>	2016-09-01 13:11:09 +0200
commit	17ea4ae6b9007e121ae1ea7748643394fec84ad7 (patch)
tree	357658616b12041bb3548de87536df56126ead19 /ipaserver/install/custodiainstance.py
parent	dd02741896844a6e14d60f267d9b1cb27b039241 (diff)
download	freeipa-17ea4ae6b9007e121ae1ea7748643394fec84ad7.tar.gz freeipa-17ea4ae6b9007e121ae1ea7748643394fec84ad7.tar.xz freeipa-17ea4ae6b9007e121ae1ea7748643394fec84ad7.zip