[openstack-dev] [nova][keystone] Message Queue Security

David Chadwick d.w.chadwick at kent.ac.uk
Thu Apr 25 18:32:50 UTC 2013


So wouldn't adding a random nonce and timestamp be much simpler, which 
the recipient keeps until the timestamp expires, then throws both away. 
Its what other systems do

David

On 25/04/2013 17:27, Simo Sorce wrote:
> On Thu, 2013-04-25 at 17:19 +0100, David Chadwick wrote:
>> What happens in a very fast system if two sub-processes create a message
>> at the same time and therefore contain the same timestamp?
>
> Well, right now we use eventlet so no concurrency is really allowed.
> If we move to a truly concurrent system (something I actually hope we
> do) then we'll have to serialize how we get the timestamp. We'll
> basically need a single source of time that will just increment by one
> hundredth of a second or so if a second request comes in within the same
> hundredth of a second. Basically keep a high watermark in shared memory
> and use atomic updates to never get a dup.
>
> Simo.
>



More information about the OpenStack-dev mailing list