From 925904b8724c50b6336c0cd17f5dbb2eb85be8a4 Mon Sep 17 00:00:00 2001

From: Martin Basti <mbasti@redhat.com>

Date: Tue, 4 Nov 2014 15:59:50 +0100

Subject: [PATCH] Fix upgrade: do not use invalid ldap connection

Ticket: https://fedorahosted.org/freeipa/ticket/4670

Reviewed-By: Jan Cholasta <jcholast@redhat.com>

---

 ipaserver/install/ldapupdate.py           | 6 ++++++

 ipaserver/install/plugins/updateclient.py | 3 +++

 2 files changed, 9 insertions(+)

diff --git a/ipaserver/install/ldapupdate.py b/ipaserver/install/ldapupdate.py

index 6bed046d2661f48218b66c11e6f6a43c6dc0f6bf..47f0399b928b3b0da3954592d56750450454aac7 100644

--- a/ipaserver/install/ldapupdate.py

+++ b/ipaserver/install/ldapupdate.py

@@ -889,3 +889,9 @@ class LDAPUpdate:

         self._run_updates(updates)

         return self.modified

+

+    def close_connection(self):

+        """Close ldap connection"""

+        if self.conn:

+            self.conn.unbind()

+            self.conn = None

diff --git a/ipaserver/install/plugins/updateclient.py b/ipaserver/install/plugins/updateclient.py

index 7566b6cd807dafc3af5e7b51a1dfa68847ca91c2..8f5c5b5fdbc2b7bfec8be342ee267425c93b47cf 100644

--- a/ipaserver/install/plugins/updateclient.py

+++ b/ipaserver/install/plugins/updateclient.py

@@ -122,6 +122,9 @@ class updateclient(backend.Executioner):

         for update in self.order(updatetype):

             (restart, apply_now, res) = self.run(update.name, **kw)

             if restart:

+                # connection has to be closed before restart, otherwise

+                # ld instance will try to reuse old non-valid connection

+                ld.close_connection()

                 self.restart(dm_password, live_run)

             if apply_now:

-- 

2.1.0