Re: PCP Updates: Fix Bug #1035: PMCD Should Not Fail to Start if NSS Fails to Initialize

[Dave Brolley <brolley@xxxxxxxxxx>]

On 03/25/2014 12:45 PM, Frank Ch. Eigler wrote:
> Dave Brolley <brolley@xxxxxxxxxx> writes:
>
> > commit b9d2adfa5ae7cc5d8ef8416bbf804736a40efda5
> > Author: Dave Brolley <brolley@xxxxxxxxxx>
> > Date:   Tue Mar 25 10:35:25 2014 -0400
> >
> >      When NSS fails to initialize, pmcd should still start successfully.
> > [...]
> Have you considered doing this at the pmcd/pmproxy.c level instead, so
> that a bad rc from __pmSecureServerSetup is sent but tolerated
> (instead of triggering DontStart())?  That way, the
> __pmSecureServerSetup function doesn't lie about its success, which in
> turn would later let us extend pmcd with a $PCP_SECURE_SOCKETS-like
> option to *require* ssl?
Frank and I talked a bit more about this and he correctly noted that, 
with this change, __pmSecureServerSetup() no longer contains a code path 
which returns anything other than 0. He has suggested changing it to 
return 'void'. I believe that it is possible that someday, such an error 
path could once again exist (e.g. if we were to implement Frank's 
example of having a pmcd/pmproxy mode for which secure connections are 
required). In that case we would be removing the return code only to add 
it again later. Even though this is currently only used by pmcd and 
pmproxy, I think we should think twice about changing the API if we 
think it could change back in the future.
Thoughts?
Dave