yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1368690] Re: Keystone2Keystone extension leaks file descriptors

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Morgan Fainberg <morgan.fainberg@xxxxxxxxx>
Date: Sun, 21 Sep 2014 06:10:46 -0000
Reply-to: Bug 1368690 <1368690@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This isn't a Keystone bug, it is a pysaml bug and there will be/has been
a release to solve it.

** Changed in: keystone
       Status: New => Invalid

** Changed in: keystone
     Assignee: Marek Denis (marek-denis) => (unassigned)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1368690

Title:
  Keystone2Keystone extension leaks file descriptors

Status in OpenStack Identity (Keystone):
  Invalid

Bug description:
  Keystone2Keystone extension uses pysaml2 library.
  Currently, one method used in Keystone, sigver.read_cert_from_file (https://github.com/openstack/keystone/blob/1e204483e5feebe489ecca409509ae31bacb0ce2/keystone/contrib/federation/idp.py#L446) doesn't properly close file descriptors (https://github.com/rohe/pysaml2/blob/master/src/saml2/sigver.py#L643)

  Proposed fix: File a bug in pysaml2 and propose a fix for pysaml2
  library.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1368690/+subscriptions

References

[Bug 1368690] [NEW] Keystone2Keystone extension leaks file descriptors
From: Marek Denis, 2014-09-12