[Freeipa-devel] [PATCH 0165] Workaround: unable to get CA status during update
Martin Kosek
mkosek at redhat.com
Tue Nov 18 21:01:39 UTC 2014
On 11/18/2014 08:20 PM, Martin Basti wrote:
> Ticket: https://fedorahosted.org/freeipa/ticket/4676
>
> Attached patches:
>
> * Version A: uses wget to get status of CA
> * Version B: write warning instead of raising exception (error is false
> positive, CA is running)
>
> I'm open to suggestions which approach is better
>
> Martin^2
>
I like A, but I am concerned why you suddenly ignore the use_proxy option. I
added it for a reason as it affects to which port we need to connect,
regardless the transport library. See
https://fedorahosted.org/freeipa/ticket/3973
where I added this option.
Second, I am not happy by you duplicating the XML parsing code, I would rather
see it splited in dogtag.py in separate "_ca_status_parse" or similar function
call.
Given the obstacles, I am inclining for
- pushing B as a safe fix for Fedora 21 Final
- fixing issues in A and pushing it for minor release after that to avoid the
nasty warning and have some reasonable medium-term fix until the framework
migrates to something better than httpslib, line python-requests maybe.
Martin
More information about the Freeipa-devel
mailing list