/juju

provider/lxd: handle concurrent AddCert #6912

Merged
merged 1 commit into from Feb 3, 2017

Conversation

Reviewers

@wallyworld wallyworld

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@axw @jujubot @wallyworld
@axw
Member

axw commented Feb 3, 2017

Description of change

Fix a TOCTOU bug, where we check if the
certificate exists on the server and then
add it if it's not there. We must make
a second check if the update fails, to
see if there was a concurrent add.

QA steps

How do we verify that the change works?

  • Remove all trust certificates from lxd: lxc config trust list | grep '|' | grep -v FINGERPRINT | cut -d'|' -f2 | awk '{print $1}' | xargs -L1 lxc config trust remove
  • for x in {1..10}; do juju bootstrap localhost lxd-$x & done

Documentation changes

None.

Bug reference

Fixes https://bugs.launchpad.net/juju/+bug/1661458
@axw
provider/lxd: handle concurrent AddCert 
Fix a TOCTOU bug, where we check if the
certificate exists on the server and then
add it if it's not there. We must make
a second check if the update fails, to
see if there was a concurrent add.

Fixes https://bugs.launchpad.net/juju/+bug/1661458
8b1128d
@axw
Member

axw commented Feb 3, 2017

$$fixes-1661458$$
@jujubot
Contributor

jujubot commented Feb 3, 2017

Status: merge request accepted. Url: http://juju-ci.vapour.ws:8080/job/github-merge-juju

@jujubot jujubot merged commit 2824243 into juju:2.1 Feb 3, 2017

@wallyworld wallyworld referenced this pull request Feb 6, 2017

Merged

Merge tip of 2.1 branch #6922

jujubot added a commit that referenced this pull request Feb 6, 2017

@jujubot
Merge pull request #6922 from wallyworld/merge-2.1-060217 
Merge tip of 2.1 branch

Picks up latest fixes commited to 2.1:
#6912 
#6915 
#6920 
#6902 
#6913 
#6906
3b24ed5
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment