[Swift-commit] cog r3791

swift at ci.uchicago.edu swift at ci.uchicago.edu
Thu Sep 19 18:30:02 CDT 2013


------------------------------------------------------------------------
r3791 | hategan | 2013-09-19 18:26:35 -0500 (Thu, 19 Sep 2013) | 1 line

use one CA per JVM instance
------------------------------------------------------------------------
Index: modules/provider-coaster/src/org/globus/cog/abstraction/impl/execution/coaster/AutoCA.java
===================================================================
--- modules/provider-coaster/src/org/globus/cog/abstraction/impl/execution/coaster/AutoCA.java	(revision 3790)
+++ modules/provider-coaster/src/org/globus/cog/abstraction/impl/execution/coaster/AutoCA.java	(working copy)
@@ -97,6 +97,7 @@
     private X509Certificate cert;
     private X509V3CertificateGenerator gen;
     private Lock jvmLock;
+    private int localBundleIndex = -1;
 
     public synchronized static AutoCA getInstance() {
         if (instance == null) {
@@ -165,17 +166,35 @@
             }
             
             if (now + MIN_CA_CERT_LIFETIME_LEFT > maxExpirationTime || !SHARED_PROXIES) {
-                int index = discoverNextIndex();
+                int index;
+                boolean create;
+                if (this.localBundleIndex == -1) {
+                    index = discoverNextIndex();
+                    this.localBundleIndex = index;
+                    create = true;
+                }
+                else {
+                    index = this.localBundleIndex;
+                    create = false;
+                }
                 this.info = new Info(makeFile(PROXY_NAME_PREFIX, index), makeFile(CA_CRT_NAME_PREFIX, index));
-                if (logger.isInfoEnabled()) {
-                    if (!SHARED_PROXIES) {
-                        logger.info("Shared proxies are disabled. Creating new certificate: " + info.proxyPath);
+                if (create) {
+                    if (logger.isInfoEnabled()) {
+                        if (!SHARED_PROXIES) {
+                            logger.info("Shared proxies are disabled. Creating new certificate: " + info.proxyPath);
+                        }
+                        else {
+                            logger.info("No certificates with enough lifetime. Creating new certificate: " + info.proxyPath);
+                        }
                     }
-                    else {
-                        logger.info("No certificates with enough lifetime. Creating new certificate: " + info.proxyPath);
+                    this.cert = createAll(index);
+                }
+                else {
+                    if (logger.isInfoEnabled()) {
+                        logger.info("Using local JVM certificate " + this.info.proxyPath);
                     }
+                    this.cert = CertUtil.loadCertificate(this.info.caCertPath);
                 }
-                this.cert = createAll(index);
             }
             else {
                 if (logger.isInfoEnabled()) {



More information about the Swift-commit mailing list