From: Patrick M. <pa...@no...> - 2006-05-25 22:04:26
|
Let me try again. Currently we have one shared pfkey socket for many "users". My proposal is to provide a dedicated pfkey socket for each pfkey_dump_sadb operation. This will eliminate any possiblity of one pfkey_dump_sadb operation from interfering with another pkey_dump_sadb's operation.=20 If we are to share this socket between all pfkey_dump_sadb operation, is there a chance of this interference?=20 I think pfkey_dump_sadb can be triggered a number of ways. Lets say it is triggered as a part of normal IKE SA negotiation (I don't know if this is possible), can the racoonctl invoked pfkey_dump_sadb interferes with it? Pat -----Original Message----- From: ips...@li... [mailto:ips...@li...] On Behalf Of Emmanuel Dreyfus Sent: Thursday, May 25, 2006 4:11 PM To: Ma, Patrick [RICH1:B670:EXCH]; ips...@li... Subject: Re: [Ipsec-tools-devel] racoon - racoonctl race condition Patrick Ma <pa...@no...> wrote: > I sure if the scheduler offer this protection. Can you run into a case > where a racoonctl initiated pfkey_dump_sadb operation stealing an=20 > event from a racoon initiated dump operation? I'm not sure I parse your question... -- Emmanuel Dreyfus ma...@ne... ------------------------------------------------------- All the advantages of Linux Managed Hosting--Without the Cost and Risk! Fully trained technicians. The highest number of Red Hat certifications in the hosting industry. Fanatical Support. Click to learn more http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D107521&bid=3D248729&dat=3D= 121642 _______________________________________________ Ipsec-tools-devel mailing list Ips...@li... https://lists.sourceforge.net/lists/listinfo/ipsec-tools-devel |