Bug 736024
Summary: | hekafsd with persistent connections | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Kaleb KEITHLEY <kkeithle> |
Component: | hekafs | Assignee: | Kaleb KEITHLEY <kkeithle> |
Status: | CLOSED WONTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | 16 | CC: | jdarcy, kkeithle, zaitcev |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2012-07-16 13:37:07 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Kaleb KEITHLEY
2011-09-06 12:52:34 UTC
Note that "I" in 'I looked into what it takes to have connections persist ...' is Peter Zaitcev Nice work untangling the contorted WSGI control flows. Some questions/answers/issues: (1) The certfile argument is the same as "server.pem" in the original example, but the other wrap_socket arguments in that example - keyfile, cert_reqs, ca_certs - are also required. Giving out a cert with no key, or blindly accepting others' certs, is not consistent with secure operation. (2) Setting SecureHandler.protocol_version (which is a class constant rather than an instance variable) could be done more cleanly, readably, and efficiently from within the SecureHandler definition itself than by reaching in from EasySSLServer.run every time it's called. (3) Please don't change (and hard-code) the port that the service runs on. (4) There have been recent commits on master (e.g. fec3f79b8a3078c28a6c5ad372a578ab4ad2d935) which might cause application of this patch to fail, so please rebase before re-submitting. HekaFS will be merged into core GlusterFS |