[Opendnssec-develop] SoftHSMv2 and IPC

Rickard Bellgrim rickard at opendnssec.org
Tue Oct 30 21:19:18 UTC 2012

> 14 characters is not a problem, thats 10^14 combinations if you just
> sprintf() a number as identification. Hitting the maximum number of
> semaphore is a bigger problem because it might not be changeable on
> some systems and hard for some users to do.

The name is now a string with the path and the UUID of the object. So
currently it is longer than 14 characters.

I only hit a maximum with the System V semaphores, but not with the
POSIX semaphores.

> Why do we have a semaphore per object?

For synchronizing changes between processes. There is a memory layer
and file layer. To minimize the number of semaphore, it would be
better to re-design this part.

> What is an object (is it a key_pair)?

PKCS#11 Objects:

> How does this work in v1?

All data are read from the SQLite database.

// Rickard

More information about the Opendnssec-develop mailing list