/juju

apiserver: fix data race in certChangeListener #2716

Closed
wants to merge 1 commit into
from

Conversation

Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@davecheney @jameinel
@davecheney
Contributor

davecheney commented Jul 3, 2015

Fixes LP 1467753

This PR takes the cl.m lock during certChangeListener.Accept().
This ensures that the cert change listener cannot change the TLS config
concurrently with accepting a new connection.

This does have the downside that because Accept is a blocking call, the lock
will be held until an incoming connection is recieved. This means the cert change
requires at least one incoming connection to be accepted (not completed) before
taking effect.

In practice this does not appear to be an issue.

(Review request: http://reviews.vapour.ws/r/2094/)
@davecheney
apiserver: fix data race in certChangeListener 
Fixes LP 1467753

This PR takes the cl.m lock during certChangeListener.Accept().
This ensures that the cert change listener cannot change the TLS config
concurrently with accepting a new connection.

This does have the downside that because Accept is a blocking call, the lock
will be held until an incoming connection is recieved. This means the cert change
requires at least one incoming connection to be _accepted_ (not completed) before
taking effect.

In practice this does not appear to be an issue.
7709890

@jameinel jameinel closed this Jan 19, 2016

@davecheney davecheney deleted the davecheney:fixedbugs/1467753 branch Apr 13, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment