Plugin manager stevedore integration is not threadsafe
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Barbican |
Fix Released
|
Critical
|
Paul Kehrer |
Bug Description
Paul Kehrer (reaperhulk) verified that the current usage pattern for plugin managers in Barbican breaks functionality for the HSM interactions. In particular, an attempt to utilize the crypto_store.py plugin to interface to the HSM resulted in an IOError from the PKCS11 library, which then appeared to break the sockets interface from Barbican to external systems (such as the queue) thereafter. Paul has submitted a CR (https:/
Hence existing plugin manager implementations should implement this similar pattern. This bug is to address those places (I think currently only the secret_store.py plugin manager here: https:/
Thanks,
John
Changed in barbican: | |
milestone: | none → juno-3 |
status: | New → Confirmed |
importance: | Undecided → Critical |
assignee: | nobody → Paul Kehrer (paul-l-kehrer) |
Changed in barbican: | |
status: | Confirmed → In Progress |
Changed in barbican: | |
status: | Fix Committed → Fix Released |
Changed in barbican: | |
milestone: | juno-3 → 2014.2 |
Reviewed: https:/ /review. openstack. org/114341 /git.openstack. org/cgit/ openstack/ barbican/ commit/ ?id=a9b841c2a5a c2f7518597b2208 6d62a59ad5ba39
Committed: https:/
Submitter: Jenkins
Branch: master
commit a9b841c2a5ac2f7 518597b22086d62 a59ad5ba39
Author: Paul Kehrer <email address hidden>
Date: Thu Aug 14 10:34:23 2014 -1000
change CryptoPluginManager to be instantiated in the module scope
Fixes an issue where SecretStore was repeatedly creating new instances
of the stevedore extension manager, which caused issues with the loaded
plugins.
Closes-Bug: 1358386 c2c39e23ea31f20 0a56197b7cb
Change-Id: Icfafce0ec6fbac