pyldap's start_tls_s function calls ldap_start_tls_s[1] which, if called
twice, returns LDAP_LOCAL_ERROR, which causes LDAP queries to fail with
the traceback:

Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/ldappool/__init__.py", line 258, in _create_connector
    self._bind(conn, bind, passwd)
  File "/usr/lib/python2.7/site-packages/ldappool/__init__.py", line 227, in _bind
    conn.start_tls_s()
  File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 1095, in start_tls_s
    res = self._apply_method_s(SimpleLDAPObject.start_tls_s,*args,**kwargs)
  File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 1071, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 780, in start_tls_s
    return self._ldap_call(self._l.start_tls_s)
  File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 263, in _ldap_call
    result = func(*args,**kwargs)
LOCAL_ERROR: {'desc': u'Local error'}

This means that currently keystone's [ldap]/use_pool and [ldap]/use_tls
options are incompatible. This patch fixes the problem by removing the
unnecessary call.

[1] https://linux.die.net/man/3/ldap_start_tls_s

Change-Id: I6baff12bcbd3b110e62f4bcdfb97c561d7ee5fe9