diff options
| author | Markus Roberts <Markus@reality.com> | 2009-10-19 21:51:32 -0700 |
|---|---|---|
| committer | James Turnbull <james@lovedthanlost.net> | 2009-10-27 10:41:00 +1100 |
| commit | 594c774dd466c85eae829eaba3898d02ae9538ca (patch) | |
| tree | 106fea44df284a929f8b5a2dcd31c1338a875f15 /lib/puppet/ssl | |
| parent | 73d04c6b15e1b626cd7dea1f963a5ca02a810137 (diff) | |
Revised partial fix for #2661 and related issues
If setup code for a process depends on network connectivity
it needs to be protected with a rescue clause as much as the
main body of the process.
Further, Timeout exceptions aren't under StandardError and thus
aren't caught by an un-typed rescue clause. This doesn't matter
if we've morphed the exception, but will cause the program to
fail if we haven't.
There are many places where these concerns _might_ cause a problem
but in most cases they never will in practice; this patch addesses
the two cases where I have been able to confirm that it actually
can cause the client daemon to exit and two more where I suspect
(but can not prove) that it could.
I'd be willing to push this patch as it stands, as it at least
fixes demonstrable problems. A more general solution would be
nice.
Diffstat (limited to 'lib/puppet/ssl')
| -rw-r--r-- | lib/puppet/ssl/host.rb | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/lib/puppet/ssl/host.rb b/lib/puppet/ssl/host.rb index 29b947eea..11e11c597 100644 --- a/lib/puppet/ssl/host.rb +++ b/lib/puppet/ssl/host.rb @@ -235,12 +235,11 @@ class Puppet::SSL::Host # Attempt to retrieve a cert, if we don't already have one. def wait_for_cert(time) - return if certificate begin + return if certificate generate - return if certificate - rescue StandardError => detail + rescue Exception => detail Puppet.err "Could not request certificate: %s" % detail.to_s if time < 1 puts "Exiting; failed to retrieve certificate and watiforcert is disabled" |