Issue #693 has been updated by Melissa Stone.
Released in Puppet 3.4.0-rc1 ---------------------------------------- Bug #693: Race condition in CA could result in two certs with same serial https://projects.puppetlabs.com/issues/693#change-100390 * Author: Luke Kanies * Status: Closed * Priority: Normal * Assignee: * Category: * Target version: 3.4.0 * Affected Puppet version: 0.25.4 * Keywords: * Branch: https://github.com/puppetlabs/puppet/pull/2017 ---------------------------------------- In the 'sign' method in sslcertificates/ca.rb, the serial is read in, the certificate is signed, then a new serial is written out. This means that if two CAs are trying to sign a certificate at the same time, both certificates could theoretically get the same serial number. This method needs to be updated to use some kind of lock file, and the reading and modification of the serial number should be made more atomic. This way multiple CAs could run on the same host, which is important when running multiple Mongrel instances. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/groups/opt_out.
