mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-24 16:10:02 -06:00
Do not erroneously reinit NSS in Dogtag interface
The Dogtag interface always attempts to (re)init NSS, which can fail with SEC_ERROR_BUSY. Do not reinitialise NSS when it has already been initialised with the given dbdir. Part of: https://fedorahosted.org/freeipa/ticket/5459 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
This commit is contained in:
parent
2ef1eb0ae7
commit
6fe0a89807
@ -265,7 +265,8 @@ def https_request(host, port, url, secdir, password, nickname,
|
||||
"""
|
||||
|
||||
def connection_factory(host, port):
|
||||
conn = nsslib.NSSConnection(host, port, dbdir=secdir,
|
||||
no_init = secdir == nsslib.current_dbdir
|
||||
conn = nsslib.NSSConnection(host, port, dbdir=secdir, no_init=no_init,
|
||||
tls_version_min=api.env.tls_version_min,
|
||||
tls_version_max=api.env.tls_version_max)
|
||||
conn.set_debuglevel(0)
|
||||
|
Loading…
Reference in New Issue
Block a user