Return-Path: X-Original-To: apmail-cloudstack-issues-archive@www.apache.org Delivered-To: apmail-cloudstack-issues-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 7BF661071D for ; Thu, 2 Jan 2014 21:55:50 +0000 (UTC) Received: (qmail 41119 invoked by uid 500); 2 Jan 2014 21:55:50 -0000 Delivered-To: apmail-cloudstack-issues-archive@cloudstack.apache.org Received: (qmail 41097 invoked by uid 500); 2 Jan 2014 21:55:50 -0000 Mailing-List: contact issues-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list issues@cloudstack.apache.org Received: (qmail 41089 invoked by uid 500); 2 Jan 2014 21:55:50 -0000 Delivered-To: apmail-incubator-cloudstack-issues@incubator.apache.org Received: (qmail 41086 invoked by uid 99); 2 Jan 2014 21:55:50 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 02 Jan 2014 21:55:50 +0000 Date: Thu, 2 Jan 2014 21:55:50 +0000 (UTC) From: "ASF subversion and git services (JIRA)" To: cloudstack-issues@incubator.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (CLOUDSTACK-5723) Malfunction agent may block future SSL connection to the server MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/CLOUDSTACK-5723?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13860831#comment-13860831 ] ASF subversion and git services commented on CLOUDSTACK-5723: ------------------------------------------------------------- Commit 939f20559e8e6466e3c736a588e645692b3468db in branch refs/heads/4.3 from [~yasker] [ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=939f205 ] CLOUDSTACK-5723: Add timeout for SSL handshake To prevent malfunction agent block the future SSL connections > Malfunction agent may block future SSL connection to the server > --------------------------------------------------------------- > > Key: CLOUDSTACK-5723 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-5723 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the default.) > Components: Management Server > Affects Versions: 4.2.0, 4.3.0 > Reporter: Sheng Yang > Assignee: Sheng Yang > Priority: Critical > Fix For: 4.2.1, 4.3.0 > > > If one agent failed to process the SSL handshake process, it would block the future incoming connections to mgmt server. > Then all the future connection to the mgmt server would be hold infinitely until the malfunction agent exit. > The reason is we use blocking mode in communication when try to do SSL handshake process, though we have mechanism to protect mgmt from malfunction agent who try to exchange handshake info too many times, we don't have mechanism on stop one agent didn't response the handshake. -- This message was sent by Atlassian JIRA (v6.1.5#6160)