Set the client auth callback after creating the SSL connection.

If we set the callback before calling connect() then if the connection tries a network family type and fails, it will try other family types. If this happens then the callback set on the first socket will be lost when a new socket is created. There is no way to query for the callback in an existing socket. https://fedorahosted.org/freeipa/ticket/1349
2025-02-25 18:55:28 -06:00 · 2011-06-29 15:01:18 -04:00 · 2011-06-29 15:01:18 -04:00 · 6ad7deb7ac
commit 6ad7deb7ac
parent 3894a4f13d
1 changed files with 2 additions and 2 deletions
--- a/ipapython/dogtag.py
+++ b/ipapython/dogtag.py
@ -80,11 +80,11 @@ def https_request(host, port, url, secdir, password, nickname, **kw):
                       "Accept": "text/plain"}
    try:
        conn = nsslib.NSSConnection(host, port, dbdir=secdir)
+        conn.set_debuglevel(0)
+        conn.connect()
        conn.sock.set_client_auth_data_callback(nsslib.client_auth_data_callback,
                                                nickname,
                                                password, nss.get_default_certdb())
-        conn.set_debuglevel(0)
-        conn.connect()
        conn.request("POST", url, post, request_headers)

        res = conn.getresponse()