Handle timeout error in ipa-httpd-kdcproxy

The ipa-httpd-kdcproxy script now handles LDAP timeout errors correctly.
A timeout does no longer result into an Apache startup error.

https://fedorahosted.org/freeipa/ticket/5292

Reviewed-By: Martin Basti <mbasti@redhat.com>

install/tools/ipa-httpd-kdcproxy

@@ -24,6 +24,7 @@ This script creates or removes the symlink from /etc/ipa/ipa-kdc-proxy.conf
 to /etc/httpd/conf.d/. It's called from ExecStartPre hook in httpd.service.
 """
 import os
+import socket
 import sys
 
 from ipalib import api, errors
@@ -81,7 +82,7 @@ class KDCProxyConfig(object):
             # EXTERNAL bind as root user
             self.con.ldapi = True
             self.con.do_bind(timeout=self.time_limit)
-        except errors.NetworkError as e:
+        except (errors.NetworkError, socket.timeout) as e:
             msg = 'Unable to connect to dirsrv: %s' % e
             raise CheckError(msg)
         except errors.AuthorizationError as e: