2011/6/27 David Howells <dhowells@xxxxxxxxxx>: > Pavel Shilovsky <piastryyy@xxxxxxxxx> wrote: > >> It seems that dns_resolver sets expiry timeout to zero here >> (http://lxr.free-electrons.com/source/security/keys/key.c#L310) and >> doesn't change it - so, it always returns cached value. > > That's not the DNS resolver you've provided a pointer to - that's where the > key allocator initialises a new key. Yes, I meant, that dns_query calls request_key -> request_key_and_link -> construct_key_and_link -> construct_alloc_key -> key_alloc and there expiry timeout is set to zero. I don't noticed any other places where this value changes while request_key is being processing. If I miss something, point me, please! > >> David, can you comment on this problem, please? > > It's not much of a problem. Userspace needs to set the key timeout before > instantiating the key: > > http://git.kernel.org/?p=linux/kernel/git/dhowells/keyutils.git;a=blob;f=key.dns_resolver.c;h=ab9b87875bcd94dae3083b2711207f87ceea7df1;hb=faabd7c8464502becd01972b1a76ab1dfa1906cc#l502 > > David > That makes the problem with setting expiry time to zero clear. Thanks! -- Best regards, Pavel Shilovsky. -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
