Incompatible with OpenDNSSEC 2.1.13 : key handles are not shared between sessions #57

nponsard · 2023-07-25T11:47:05Z

If we don't have any answer from the OpenDNSSEC team we would have to change the implementation to have one unique object Db per Token/Slot.

OpenDNSSEC issue : https://issues.opendnssec.org/browse/SUPPORT-286

jans23 · 2023-07-26T10:01:30Z

Can we add an option to support this (which would be disabled by default)?

nponsard · 2023-07-26T10:08:02Z

Adding an option like that would add more complexity in the code.
The mitigation for this problem is to have one single cache per NetHSM/Slot instead of a cache per session. We could just change the cache to be per slot and that would work for every application. The only drawback being that the cache may stay invalid for longer and that could be fixed by a better handling of errors.

jans23 · 2023-07-26T10:09:44Z

Sounds fine for me.

nponsard added enhancement New feature or request priority: low labels Jul 25, 2023

nponsard mentioned this issue Jul 25, 2023

Future plans #59

Closed

nponsard linked a pull request Jul 27, 2023 that will close this issue

feat: per-slot database #61

Merged

nponsard closed this as completed in #61 Jul 27, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Incompatible with OpenDNSSEC 2.1.13 : key handles are not shared between sessions #57

Incompatible with OpenDNSSEC 2.1.13 : key handles are not shared between sessions #57

nponsard commented Jul 25, 2023 •

edited

jans23 commented Jul 26, 2023

nponsard commented Jul 26, 2023

jans23 commented Jul 26, 2023

Incompatible with OpenDNSSEC 2.1.13 : key handles are not shared between sessions #57

Incompatible with OpenDNSSEC 2.1.13 : key handles are not shared between sessions #57

Comments

nponsard commented Jul 25, 2023 • edited

jans23 commented Jul 26, 2023

nponsard commented Jul 26, 2023

jans23 commented Jul 26, 2023

nponsard commented Jul 25, 2023 •

edited