Bug 346591
Summary: | Port autofs to use NSS library for cryptography | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Peter Vrabec <pvrabec> |
Component: | autofs | Assignee: | Ian Kent <ikent> |
Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | rawhide | CC: | ikent, jmoyer, tmraz |
Target Milestone: | --- | Keywords: | FutureFeature |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Enhancement | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2009-08-31 11:11:49 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 333741 |
Description
Peter Vrabec
2007-10-23 10:16:44 UTC
We will look into this, but this is a long-term project. This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component. Ian, sorry I haven't been able to get to this. (In reply to comment #0) > autofs should be ported to use NSS library for cryptography. > See the tracking bug for details and links on how it could be done. I'm confused as to what actually needs to be done here? autofs uses one or two openssl calls purely to prevent SEGVs caused by the openssl library when unloading and reloading it's lookup modules that depend on it only indirectly. Other than this all openssl interaction is done entirely by these dependent libraries and not by autofs itself. OTOH, is the NSS library thread safe (I expect it is) and does it use Thread Specific Data (TSD) keys? We have had problems with shared libraries that make assumptions about their status wrt. being unloaded when using TSD keys. The library libxml2 is definitely broken and libtirpc is open to question but is probably broken. The Kerberos library is the only shared library known to survive this library unloading and reloading when using TSD keys so far. How about the NSS library and its use of TSD keys? Ian Let's close as NOTABUG then. There was a push in Fedora to get rid of multiple implementations of ssl libraries. I believe that was the impetus for this bugzilla. If that is no longer a goal, then I'm fine closing this out. (In reply to comment #5) > Let's close as NOTABUG then. Yeah, hopefully the link will fail if the libraries of dependent subsystems change and then I cam remove those couple of calls I do have. Ian |