[SCM] Ganeti core branch stable-2.10 updated. v2.10.7-14-g6e06de4

Mon, 06 Oct 2014 02:26:29 -0700 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Ganeti core".

The branch, stable-2.10 has been updated
       via  6e06de4e7efbb037b9a46b8c2063a05b2921d94f (commit)
      from  a8f2733bd00c5f18be1f0203c945db5e748eb19f (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 6e06de4e7efbb037b9a46b8c2063a05b2921d94f
Author: Apollon Oikonomopoulos <[email protected]>
Date:   Sat Oct 4 21:14:03 2014 +0300

    ganeti.daemon: fix daemon mode with GnuTLS >= 3.3
    
    Newer GnuTLS versions (>= 3.3.0) use a library constructor for
    initialization and open /dev/urandom on library load, way before we
    fork(). Closing /dev/urandom on fork causes a failure to re-seed GnuTLS's
    random number generator during the first ganeti.http.client request, which
    in turn causes the process to silently abort(3).
    
    For more background on this behavior, see this thread at the GnuTLS
    mailing list:
    
    http://lists.gnupg.org/pipermail/gnutls-help/2014-April/003429.html
    
    Note that calling pycurl.global_init() at the correct place (as we do) is 
not
    enough, as it does not cause a re-initialization of the GnuTLS library.
    
    As we cannot reliably detect neither the GnuTLS version, nor the socket, we
    work our way around this by keeping all fds referring to /dev/urandom open
    after fork. We do so using the /proc/self/fd interface.
    
    This fixes issues #961 and #964.
    
    Note that this would not affect the Haskell daemons using cURL + GnuTLS,
    because we don't close all file descriptors on fork there.
    
    Signed-off-by: Apollon Oikonomopoulos <[email protected]>
    Reviewed-by: Helga Velroyen <[email protected]>

-----------------------------------------------------------------------

Summary of changes:
 lib/daemon.py |   18 +++++++++++++++++-
 1 files changed, 17 insertions(+), 1 deletions(-)


hooks/post-receive
-- 
Ganeti core

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ganeti-commits" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/d/optout.

Reply via email to