httplib makes a copy of the nss file descriptor but doesn't close it when the response code != 200 so we need to close it ourselves.

rob
>From 20cc6f5bbb77e6f905cb4607e8d95f092e886d81 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcrit...@redhat.com>
Date: Mon, 19 Sep 2011 17:26:36 -0400
Subject: [PATCH] Shut down duplicated file handle when HTTP response code is
 not 200.

httplib purposely keeps the socket open as a file on failed requests. We
need to close this file otherwise nss_shutdown() will fail.

https://fedorahosted.org/freeipa/ticket/1807
---
 ipapython/nsslib.py |   11 +++++++++++
 1 files changed, 11 insertions(+), 0 deletions(-)

diff --git a/ipapython/nsslib.py b/ipapython/nsslib.py
index c4d8cdc..467de1c 100644
--- a/ipapython/nsslib.py
+++ b/ipapython/nsslib.py
@@ -293,6 +293,17 @@ class NSSHTTPS(httplib.HTTP):
             port = None
         self._setup(self._connection_class(host, port, strict, dbdir=dbdir))
 
+    def getreply(self):
+        """
+        Override so we can close duplicated file connection on non-200
+        responses. This was causing nss_shutdown() to fail with a busy
+        error.
+        """
+        (status, reason, msg) = httplib.HTTP.getreply(self)
+        if status != 200:
+            self.file.close()
+        return (status, reason, msg)
+
 #------------------------------------------------------------------------------
 
 if __name__ == "__main__":
-- 
1.7.6

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to