Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
apiserver: fix the data race for tls.Config #2717
Conversation
|
$$merge$$ |
|
Status: merge request accepted. Url: http://juju-ci.vapour.ws:8080/job/github-merge-juju |
added a commit
that referenced
this pull request
Jul 3, 2015
jujubot
merged commit d357222
into
juju:master
Jul 3, 2015
mjs
deleted the
mjs:certupdater-race-fix
branch
Jul 3, 2015
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
mjs commentedJul 3, 2015
Each connection gets a private copy of the tls.Config so that only future connections are affected by certificate updates. This avoids the race and is just generally safer.
Also simplify the changeCertListener somewhat.
This also fixes a serious bug recently introduced in c147767. The addition of the Lock call at the top of processCertChanges caused the cert update to hang when updateCertificate tries to grab the lock again.
(Review request: http://reviews.vapour.ws/r/2095/)