Bug 1479: GnuPG curl-shim TCP half-close harms HTTP interop

Phil Pennock gnupg-devel at spodhuis.org
Mon Mar 4 11:48:08 CET 2013


On 2013-03-04 at 11:09 +0100, Werner Koch wrote:
> On Mon,  4 Mar 2013 09:13, gnupg-devel at spodhuis.org said:
> > SKS itself still is compatible here.  Unfortunately, SKS is
> > single-threaded and sees one request through to completion, so it's
> 
> You mean there is just an accept() waiting for a connection and than
> handling it.  Instead of having a select loop which handles all network
> I/O (via closures, threads, or fork).
> 
> Please tell me that this is not true.

It's O'Caml, so not quite literally, but otherwise yes, that's true.

Thus the reverse proxies.

The software was, as I understand matters, written as an academic
project.  It has never been ported to a concurrency library.  It's
O'Caml, which limits the audience of programmers capable of rewriting
to be concurrent.  I certainly couldn't: I've fixed various bugs, but am
not going to pretend I could re-architect.

Hockeypuck is looking interesting.  Written in Go, is fully concurrent,
and implementing the SKS reconciliation part.  Author's instance is
running at:

  http://keyserver.gazzang.net/


Summary of the keyserver code-bases I know of:

  http://people.spodhuis.org/phil.pennock/pgp-keyservers

Pointers to others appreciated.

-Phil



More information about the Gnupg-devel mailing list