On 09/08/12 10:20, Danek Duvall wrote:
Shawn Walker wrote:Greetings, The following diff contains a fix for the following issue: 7196957 pkg.depotd fails to read passphrase-protected ssl key when using smf or exec authentication I've manually verified that: * the decrypted key file is automatically removed still after the depot server binds to the socket * that it works when using SMF as an authentication sourceAre you sure that letting garbage collection be the point where the file gets closed is safe? If Python decides it could garbage collect key_data before the data is read, then we're toast. Does the configuration require a pathname to the key data, or could it take key_data directly as an open file handle?
Yes, for Python 2.6 and 2.7, I believe the current scope rules will guarantee it's existence. And yes, unfortunately, CherryPy's current implementation requires a file path instead of a file object.
I've truss'd the process to verify that the unlink of the file happens shortly after CherryPy starts a new thread after it has bound the SSL Context to the socket.
This is also the way that this historically worked when I first implemented SSL support all the way until b144 when I saw key_data and just added a 'close()' without considering the consequences.
The long-term fix could either be viewed as Tim's work to get us directly into Apache, at which point this is all moot, or the creation of custom SSL Adapter for CherryPy which can take a file object and that CherryPy can obtain the data from. But that's only practical after the v0 catalog support and filelist stuff is ripped out and we can evaluate upgrading CherryPy to a newer version (which would break filelist).
If we don't put this fix in now, I realised this morning that I could place an exec-based unit test for this in cli/t_pkg_depot.py. It wouldn't give us SMF-based unit test coverage, but at would at least go through the same mechanism that the SMF-path does for decrypting and storing the private key temporarily.
-Shawn _______________________________________________ pkg-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
