Michael Bell wrote: [...]
Nice solution for you but I cannot update my notebook to the double speed ;)
I definetely needed it ;-D Anyway most of the people now have a 1.5Mhz systems so not many people will be worried about these performance problems, but finding a suitable solution it is a must.
If the following solution is not viable, let me know - I did not checked the AC code so I could be wrong ... :-D
I was thinking about a solution to reduce to a minimum the performance in access control. As we currently use the CGI module when the script is run we could:
- check for the cookie, if it is present and correct,
then the user is authenticated and the command is
executed; - otherwise we execute the AC to generate the new cookie for
the session;This should speed up the access control verification as we only run once per session - we initialize the AC object (and therefore access all the configurations) only if needed. This should guarantee a good security level while speeding things up a little bit.
I added some performance counters to initCGI and activated it by default. I commited this to CVS and build a new snapshot. It looks like the ssh on openca.org has a problem. Perhaps there is an attack related to the last security advisories for OpenSSH. Max, can you fix this? If the ssh works again then I put the snapshot on albert.
Auch! I forgot... I am sorry I knew there is this worm around and I have to fix it... but unfortunately I got the flu and I am not in a very good shape.
P.S. if I can fix the problem with the request generation then I update the snapshot.
Let me know so I will put it on the main download page.
--
C'you,
Massimiliano Pala
--o-------------------------------------------------------------------------
Dr. Massimiliano Pala [OpenCA Project Manager] [EMAIL PROTECTED]
Tel.: +39 (0)59 270 094
http://www.openca.org Fax: +39 178 221 8225
http://openca.sourceforge.net Mobile: +39 (0)347 7222 365
smime.p7s
Description: S/MIME Cryptographic Signature
