Hi Lukas, On 5/3/19 1:49 PM, William Lallemand wrote: > On Fri, May 03, 2019 at 01:38:00PM +0200, Lukas Tribus wrote: >> Hello everyone, >> >> >> On Fri, 3 May 2019 at 12:50, Robert Allen1 <[email protected]> wrote: >>> +#if defined(USE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10101000L) >>> + if (global.ssl_used_frontend || global.ssl_used_backend) >>> + /* close random device FDs */ >>> + RAND_keep_random_devices_open(0); >>> +#endif >>> >>> and requests a backport to 1.8 and 1.9 where we noticed this issue (and >>> which >>> include the re-exec for reload code, if I followed its history >>> thoroughly). >> >> Please do not commit this yet. >> >> We need those random devices open in openssl 1.1.1. We specifically >> pushed for this and had very long conversations with openssl folks. >> >> I don't have time to dig up the entire history right now, will do that >> later for context, however, please do not commit this yet. >> >> > > Lukas, > > This is the code of deinitilisation of the master, which is launched before > the re-execution of the master, it does not impact the workers. >
Indeed if the workers keep the fd open it should work, the master is outside de chroot and doesn't need to keep the fd open. Emeric
