GENI-NSF / geni-tools

Omni, stitcher, GCF sample aggregate manager, and other GENI tools.

SecureThreadedXMLRPC threadlocal is broken #410

Open ahelsing opened 9 years ago

ahelsing commented 9 years ago

SecureThreadedXMLRPCRequestHandler uses a thread local to store the client cert, for access by our xmlrpc server. But it creates the thread local as a class variable. So later threads override the value.

In practice this doesn't hurt us, because the first thread writes the value and then nearly immediately reads the value (only once). If this were causing problems, we would see errors where user 1 gets an error message that they used the cert for user 2. We don't see these, to my knowledge.

To fix this:

ahelsing commented 9 years ago

We are not currently using this at all.

Trac comment by ahelsing on 12-18-2013 at 16:18

ahelsing commented 9 years ago

ch.py actually uses this. We have a branch browser:@tkt410-pgch that has changes that may fix this, but are not tested.

Trac comment by ahelsing on 01-30-2014 at 15:10
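
The failure mode described in the opening comment, as an added example that is not part of the issue thread or the geni-tools code: when the per-request client certificate sits in a slot that all handler threads share, a request can read the certificate of a different caller. `SharedSlot`, `PerThreadSlot` and `run_requests` are hypothetical names, the certificate subjects are constructed, and the barrier deliberately widens the write-to-read window that the comment says is normally very short.

```python
import threading

# Constructed sample identities; not real certificates.
CLIENTS = ["CN=user1", "CN=user2"]

class SharedSlot:
    """One attribute visible to every handler thread (assumed broken pattern)."""
    def __init__(self):
        self.peercert = None
    def set(self, cert):
        self.peercert = cert
    def get(self):
        return self.peercert

class PerThreadSlot:
    """Same interface, but each thread only sees the value it stored."""
    def __init__(self):
        self._local = threading.local()
    def set(self, cert):
        self._local.peercert = cert
    def get(self):
        return getattr(self._local, "peercert", None)

def run_requests(slot, clients=CLIENTS):
    """Handle one request per client concurrently and return the
    (authenticated, observed) pairs where a handler read another
    client's certificate."""
    barrier = threading.Barrier(len(clients))
    lock = threading.Lock()
    mismatches = []

    def handle(cert):
        slot.set(cert)      # after the TLS handshake: stash the peer cert
        barrier.wait()      # force overlap: every request has written
        seen = slot.get()   # the RPC method looks up "its" caller
        if seen != cert:
            with lock:
                mismatches.append((cert, seen))

    threads = [threading.Thread(target=handle, args=(c,)) for c in clients]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return mismatches

if __name__ == "__main__":
    print("shared slot:    ", run_requests(SharedSlot()))
    print("per-thread slot:", run_requests(PerThreadSlot()))
```

A non-empty result from the shared slot is the "user 1 is told they used the cert for user 2" symptom, which makes this usable as a regression check for whatever storage the handler ends up using.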