diff --git a/NEWS b/NEWS
index 0838909ffa3fe16123400b424c287800306e6416..22cb17335962528c4d098cac7636c9cda2711515 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,19 @@
News
====
+Version 2.2.1 rc1
+-----------------
+
+*(Released Thu, 14 Oct 2010)*
+
+- Fix interaction between Curl/GnuTLS and the Python's HTTP server
+ (thanks Apollon Oikonomopoulos!), finally allowing the use of Curl
+ with GnuTLS
+- Fix problems with interaction between Curl and Python's HTTP server,
+ resulting in increased speed in many RPC calls
+- Improve our release script to prevent breakage with older aclocal and
+ Python 2.6
+
Version 2.2.1 rc0
-----------------
diff --git a/configure.ac b/configure.ac
index a32cd05d5a30baebbedf60f318c50acb6bda3f89..a87ffd7fa241644e35f6a0c324a013663b1ada1e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
m4_define([gnt_version_major], [2])
m4_define([gnt_version_minor], [2])
m4_define([gnt_version_revision], [1])
-m4_define([gnt_version_suffix], [~rc0])
+m4_define([gnt_version_suffix], [~rc1])
m4_define([gnt_version_full],
m4_format([%d.%d.%d%s],
gnt_version_major, gnt_version_minor,
diff --git a/devel/release b/devel/release
index 343781738d3d15696b772c76ce1784765e44a1d9..7e0ef335338401bcdf1b57ba0190487617c67b53 100755
--- a/devel/release
+++ b/devel/release
@@ -46,6 +46,26 @@ echo "Cloning the repository under $TMPDIR ..."
git clone -q "$URL" dist
cd dist
git checkout $TAG
+
+# Check minimum aclocal version for releasing
+MIN_ACLOCAL_VERSION=( 1 11 1 )
+ACLOCAL_VERSION=$(${ACLOCAL:-aclocal} --version | head -1 | \
+ sed -e 's/^[^0-9]*\([0-9\.]*\)$/\1/')
+
+ACLOCAL_VERSION_REST=$ACLOCAL_VERSION
+for v in ${MIN_ACLOCAL_VERSION[@]}; do
+ ACLOCAL_VERSION_PART=${ACLOCAL_VERSION_REST%%.*}
+ ACLOCAL_VERSION_REST=${ACLOCAL_VERSION_REST#$ACLOCAL_VERSION_PART.}
+ if [[ $v -eq $ACLOCAL_VERSION_PART ]]; then
+ continue
+ elif [[ $v -lt $ACLOCAL_VERSION_PART ]]; then
+ break
+ else # gt
+ echo "aclocal version $ACLOCAL_VERSION is too old (< 1.11.1)"
+ exit 1
+ fi
+done
+
./autogen.sh
./configure
diff --git a/lib/http/__init__.py b/lib/http/__init__.py
index 3df7d5b3c5397c1f497c56dbd6aa10d453633906..9049829912cef21116b1a7302c17fd5cffe72b21 100644
--- a/lib/http/__init__.py
+++ b/lib/http/__init__.py
@@ -550,6 +550,7 @@ class HttpSslParams(object):
"""
self.ssl_key_pem = utils.ReadFile(ssl_key_path)
self.ssl_cert_pem = utils.ReadFile(ssl_cert_path)
+ self.ssl_cert_path = ssl_cert_path
def GetKey(self):
return OpenSSL.crypto.load_privatekey(OpenSSL.crypto.FILETYPE_PEM,
@@ -612,6 +613,15 @@ class HttpBase(object):
OpenSSL.SSL.VERIFY_FAIL_IF_NO_PEER_CERT,
self._SSLVerifyCallback)
+ # Also add our certificate as a trusted CA to be sent to the client.
+ # This is required at least for GnuTLS clients to work.
+ try:
+ # This will fail for PyOpenssl versions before 0.10
+ ctx.add_client_ca(self._ssl_cert)
+ except AttributeError:
+ # Fall back to letting OpenSSL read the certificate file directly.
+ ctx.load_client_ca(ssl_params.ssl_cert_path)
+
return OpenSSL.SSL.Connection(ctx, sock)
def GetSslCiphers(self): # pylint: disable-msg=R0201
diff --git a/man/gnt-instance.sgml b/man/gnt-instance.sgml
index 560b665608aa246d0615de64cac12f57711a99cd..bddd8d24ad35860bf06ac8ac7165c5e455c7cb06 100644
--- a/man/gnt-instance.sgml
+++ b/man/gnt-instance.sgml
@@ -136,7 +136,7 @@
interpreted (when no unit is given) in mebibytes. You can
also use one of the suffixes
<literal>m</literal>, <literal>g</literal> or
- <literal>t</literal> to specificy the exact the units used;
+ <literal>t</literal> to specify the exact the units used;
these suffixes map to mebibytes, gibibytes and tebibytes.
</para>
@@ -633,9 +633,9 @@
<listitem>
<simpara>Valid for the KVM hypervisor.</simpara>
- <simpara>Under security model <quote>user</quote> the username
- to run the instance under. It must be a valid username
- existing on the host.
+ <simpara>Under security model <quote>user</quote> the
+ username to run the instance under. It must be a valid
+ username existing on the host.
</simpara>
<simpara>Cannot be set under security model <quote>none</quote>
or <quote>pool</quote>.
@@ -714,13 +714,17 @@
<simpara>This boolean option determines wether to run the KVM
instance in a chroot directory.
</simpara>
- <para>If it is set to <quote>true</quote>, an empty directory
- is created before starting the instance and its path is passed
- via the <option>-chroot</option> flag to kvm.
- The directory is removed when the instance is stopped.
+
+ <para>If it is set to <quote>true</quote>, an empty
+ directory is created before starting the instance and
+ its path is passed via the <option>-chroot</option>
+ flag to kvm. The directory is removed when the
+ instance is stopped.
</para>
- <simpara>It is set to <quote>false</quote> by default.</simpara>
+ <simpara>It is set to <quote>false</quote> by
+ default.</simpara>
+
</listitem>
</varlistentry>
@@ -1025,7 +1029,8 @@
</para>
<para>
- The command will display the job id for each submitted instance, as follows:
+ The command will display the job id for each submitted
+ instance, as follows:
<screen>
# gnt-instance batch-create instances.json
instance3: 11224
@@ -1092,6 +1097,8 @@ instance5: 11225
<command>list</command>
<arg>--no-headers</arg>
<arg>--separator=<replaceable>SEPARATOR</replaceable></arg>
+ <sbr>
+ <arg>--units=<replaceable>UNITS</replaceable></arg>
<arg>-o <replaceable>[+]FIELD,...</replaceable></arg>
<arg>--roman</arg>
<arg rep="repeat">instance</arg>
@@ -1110,6 +1117,16 @@ instance5: 11225
the output fields. Both these options are to help scripting.
</para>
+ <para>
+ The units used to display the numeric values in the output
+ varies, depending on the options given. By default, the values
+ will be formatted in the most appropriate unit. If the
+ <option>--separator</option> option is given, then the values
+ are shown in mebibytes to allow parsing by scripts. In both
+ cases, the <option>--units</option> option can be used to
+ enforce a given output unit.
+ </para>
+
<para>
The <option>--roman</option> option allows latin people to better
understand the cluster instances' status.