Univention Bugzilla – Bug 52274
Run UMC-Server with additional UNIX-socket and let UMC-Webserver connect to this
Last modified: 2020-11-25 12:07:51 CET
Created attachment 10537 [details] patch (git:fbest/52274-umc-server-unix-socket) The UMC-Server currently runs with TCP socket at Port 6670 including SSL/TLS. To gain performance we should let the UMC-Server run without TLS on a UNIX-Socket additionally. The UMC-Webserver should connect to this instead. We must keep the TCP Port 6670 still alive, as it is still used in some umc-command calls in the product.
You can already do the QA with git:7e979cf830b907722e07557db2367172bc854622 and git:0b82b28676bca85254fbf8b903993a53b5194397.
univention-management-console (11.0.5-15) 614b0edab221 | Bug #52274: debian/changelog + dependency ab0fa9b99183 | Bug #52274: fix error handling of socket.errors in non-TLS mode Bug #52274: fix error handling of socket.errors in non-TLS mode As we don't wrap the socket with TLS the raw exceptions socket.error exceptions will be raised instead, which now needs to be handled as well. d5e345546d1e | Bug #52274: run UMC-Server with addditional UNIX socket Bug #52274: run UMC-Server with addditional UNIX socket Start the UMC-Server with an additional UNIX socket and let the UMC-Webserver connect to this. Therefor we prevent the long runnning TLS handshake between the two services which we trust anyway. We must keep the TCP port 6670 currently opened because there are a few umc-command calls which still connect remotely to it. univention-management-console.yaml 496160ac83f9 | YAML Bug #52274
Sockets: OK, used umc-command: Still working YAML: OK
<https://errata.software-univention.de/#/?erratum=4.4x822>