Michael Bell wrote: > Looks good and really robust (with close). Do you already have a diff?
The attached diffs are against the openca-0.9.2.2.tar.gz from www.openca.info. (Is this the recommended way for building diffs?) >> Problems: flock may not work on network devices. > > > ... is this a real problem? Perhaps it is too late and I should go home :) perldoc -f flock says " Note also that some versions of 'flock' cannot lock things over the network." I don't have a file systems flock does not like, so I don't know how it behaves and what error it returns (if any) if locking fails on a network file system. The attached lockit.pl can be used to test flock()-locking. Regards, Juergen
diff openca-0.9.2.2/src/web-interfaces/ca/ca.conf.in openca-0.9.2.2-lock/src/web-interfaces/ca/ca.conf.in 50a51 > LockFile "@var_prefix@/tmp/IssueCertificateLock"
diff openca-0.9.2.2/src/common/lib/functions/crypto-utils.lib
openca-0.9.2.2-lock/src/common/lib/functions/crypto-utils.lib
21a22
> use Fcntl ':flock';
1643a1645,1669
>
> sub libIssueCertificate
> {
> our $errno;
> our $errval;
>
> my $keys = [EMAIL PROTECTED];
> my $ret;
> if ( not open ( LOCKFILE, ">> ".getRequired("LockFile")) ) {
> $errno = 6725; #FIXME: Errno
> $errval = gettext ("Cannot open lockfile.");
> return undef;
> }
>
> flock LOCKFILE, LOCK_EX;
>
> $ret = libIssueCertificate_notLocked(%{$keys});
>
> flock LOCKFILE, LOCK_UN;
>
> close LOCKFILE;
>
> return $ret;
> }
>
1668c1694
< sub libIssueCertificate {
---
> sub libIssueCertificate_notLocked {
lockit.pl
Description: Perl program
smime.p7s
Description: S/MIME Cryptographic Signature
