IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Try to catch more error conditions during installation

Browse Source 
Modify the way we detect SELinux to use selinuxenabled instead of using
  a try/except.
Handle SASL/GSSAPI authentication failures when getting a connection
This commit is contained in:
rcritten@redhat.com
2007-10-03 17:37:13 -04:00
parent 1cef67e2e1
commit 53e872fb72
6 changed files with 124 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
ipa-server/xmlrpc-server/funcs.py
View File

@@ -69,7 +69,7 @@ class IPAConnPool:
if conn is None:
return
# We can't re-use SASL connections. If proxydn is None it means
# we have a Kerberos credentails cache set. See ipaldap.set_krbccache
# we have a Kerberos credentials cache set. See ipaldap.set_krbccache
if conn.proxydn is None:
conn.unbind_s()
else:
@@ -168,7 +168,10 @@ class IPAServer:
else:
raise ipaerror.gen_exception(ipaerror.CONNECTION_NO_CCACHE)
conn = _LDAPPool.getConn(self.host,port,bindca,bindcert,bindkey,proxy_dn,krbccache,debug)
try:
conn = _LDAPPool.getConn(self.host,port,bindca,bindcert,bindkey,proxy_dn,krbccache,debug)
except ldap.INVALID_CREDENTIALS, e:
raise ipaerror.gen_exception(ipaerror.CONNECTION_GSSAPI_CREDENTIALS, nested_exception=e)
if conn is None:
raise ipaerror.gen_exception(ipaerror.CONNECTION_NO_CONN)