On 7 jan 2011, at 14.32, Sion Lloyd wrote: > libhsm.h contains the following line: > > #define HSM_MAX_SESSIONS 10 > > Which probably goes some way to explaining it. I'm not sure that this can > just > be raised though as:
Yes this sets the limit on the maximum number of sessions per context. Each context have one session with each HSM. > 1) I don't know why it is set to 10 in the first place Neither do I. > 2) There may be some assumptions that it is 10 in other places. (I know that > there shouldn't be, but I have not checked for it.) I could not find any place that had this hard coded. We only add a session to a context in one place. This is where the HSM_MAX_SESSIONS is check. If that value is exceeded then we return 1. In the rest of the code, we use ctx->session_count as the maximum bound for the session array. This counter is increased each time a session is added. I do not think there is a problem for us increasing the number of allowed sessions (number of HSM:s). But how many key repositories do you need? Anyways, the libhsm will be rewritten for the v1.3 release. There we perhaps can have a look on a more dynamic approach of handling the sessions. // Rickard _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
