diff options
author | Martin Kosek <mkosek@redhat.com> | 2013-03-14 14:36:39 +0100 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2013-03-21 16:19:03 +0100 |
commit | fdfcd2cf2456fce303553d88cbf53067c975d2f3 (patch) | |
tree | ca85396ea48b12536099d1421edb77f73dc7881a | |
parent | 07755e815e09ef722fc1fdb6715fd538aa2d08d4 (diff) | |
download | freeipa-fdfcd2cf2456fce303553d88cbf53067c975d2f3.tar.gz freeipa-fdfcd2cf2456fce303553d88cbf53067c975d2f3.tar.xz freeipa-fdfcd2cf2456fce303553d88cbf53067c975d2f3.zip |
Improve client install LDAP cert retrieval fallback
CA certificate retrieval function did not fallback from LDAP to
HTTP based retrieval in case of an LDAP error, when for example
GSSAPI authentication failed.
https://fedorahosted.org/freeipa/ticket/3512
-rwxr-xr-x | ipa-client/ipa-install/ipa-client-install | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install index f3c3f8f21..2852dba37 100755 --- a/ipa-client/ipa-install/ipa-client-install +++ b/ipa-client/ipa-install/ipa-client-install @@ -1625,7 +1625,7 @@ def get_ca_cert(fstore, options, server, basedn): except Exception, e: os.unlink(ca_file) raise - except errors.NoCertificateError, e: + except (errors.NoCertificateError, errors.LDAPError), e: root_logger.debug(str(e)) url = http_url() if existing_ca_cert: |