[squid-dev] [PATCH] Make PID file check/creation atomic
Alex Rousskov
rousskov at measurement-factory.com
Tue May 16 14:52:01 UTC 2017
On 05/16/2017 06:23 AM, Amos Jeffries wrote:
> On 16/05/17 06:53, Eduard Bagdasaryan wrote:
>> Ssl::Lock class resides in
>> src/security/cert_generators/file/certificate_db.h.
> I suspect the limitations you found to that class are behind the
> ssl_crtd helper bugs
Those Ssl::Lock limitations are not bugs. The class does not support
shared locking, which is a limitation, but ssl_crtd code does not use
shared locking, so that limitation does not lead to ssl_crtd problems.
The primary reason we could not generalize Ssl::Lock is the helper
source code boundary that prohibits the use of most Squid code in
helpers (from debugging to TextException to enter_suid).
> It should probably be converted to the new
> base/File class for better locking in the helper.
It is impossible to convert ssl_crtd to use File without either changing
the helper boundary policy or making that program into a Squid kid. The
conversion will not fix any known bugs, and all of that is outside this
project scope, but I believe we have already covered very similar issues
when discussing SBuf use in helpers a few months ago.
Alex.
More information about the squid-dev
mailing list