DOCSLIB.ORG

(IETF) M. Komu Request for Comments: 6317 Aalto University Category: Experimental T

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
(IETF) M. Komu Request for Comments: 6317 Aalto University Category: Experimental T Internet Engineering Task Force (IETF) M. Komu Request for Comments: 6317 Aalto University Category: Experimental T. Henderson ISSN: 2070-1721 The Boeing Company July 2011 Basic Socket Interface Extensions for the Host Identity Protocol (HIP) Abstract This document defines extensions to the current sockets API for the Host Identity Protocol (HIP). The extensions focus on the use of public-key-based identifiers discovered via DNS resolution, but also define interfaces for manual bindings between Host Identity Tags (HITs) and locators. With the extensions, the application can also support more relaxed security models where communication can be non- HIP-based, according to local policies. The extensions in this document are experimental and provide basic tools for further experimentation with policies. Status of This Memo This document is not an Internet Standards Track specification; it is published for examination, experimental implementation, and evaluation. This document defines an Experimental Protocol for the Internet community. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are a candidate for any level of Internet Standard; see Section 2 of RFC 5741. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc6317. Komu & Henderson Experimental [Page 1] RFC 6317 Basic API Extensions for HIP July 2011 Copyright Notice Copyright (c) 2011 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. This document may contain material from IETF Documents or IETF Contributions published or made publicly available before November 10, 2008. The person(s) controlling the copyright in some of this material may not have granted the IETF Trust the right to allow modifications of such material outside the IETF Standards Process. Without obtaining an adequate license from the person(s) controlling the copyright in such materials, this document may not be modified outside the IETF Standards Process, and derivative works of it may not be created outside the IETF Standards Process, except to format it for publication as an RFC or to translate it into languages other than English. Table of Contents 1. Introduction ....................................................3 2. Terminology .....................................................5 3. Name Resolution Process .........................................5 3.1. Interaction with the Resolver ..............................5 3.2. Interaction without a Resolver .............................6 4. API Syntax and Semantics ........................................7 4.1. Socket Family and Address Structure Extensions .............7 4.2. Extensions to Resolver Data Structures .....................9 4.3. The Use of getsockname() and getpeername() Functions ......12 4.4. Selection of Source HIT Type ..............................12 4.5. Verification of HIT Type ..................................13 4.6. Explicit Handling of Locators .............................14 5. Summary of New Definitions .....................................16 6. Security Considerations ........................................16 7. Contributors ...................................................17 8. Acknowledgments ................................................17 9. References .....................................................17 9.1. Normative References ......................................17 9.2. Informative References ....................................18 Komu & Henderson Experimental [Page 2] RFC 6317 Basic API Extensions for HIP July 2011 1. Introduction This document defines the C-based sockets Application Programming Interface (API) extensions for handling HIP-based identifiers explicitly in HIP-aware applications. It is up to the applications, or high-level programming languages or libraries, to manage the identifiers. The extensions in this document are mainly related to the use case in which a DNS resolution step has occurred prior to the creation of a new socket, and assumes that the system has cached or is otherwise able to resolve identifiers to locators (IP addresses). The DNS extension for HIP is described in [RFC5205]. The extensions also cover the case in which an application may want to explicitly provide suggested locators with the identifiers, including supporting the opportunistic case in which the system does not know the peer host identity. The Host Identity Protocol (HIP) [RFC4423] proposes a new cryptographic namespace by separating the roles of endpoint identifiers and locators by introducing a new namespace to the TCP/IP stack. Shim6 [RFC5533] is another protocol based on an identity- locator split. The APIs specified in this document are specific to HIP, but have been designed as much as possible to not preclude its use with other protocols. The use of these APIs with other protocols is, nevertheless, for further study. The APIs in this document are based on Host Identity Tags (HITs) that are defined as IPv6 addresses with the Overlay Routable Cryptographic Hash Identifiers (ORCHID) prefix [RFC4843]. ORCHIDs are derived from Host Identifiers using a hash and fitting the result into an IPv6 address. Such addresses are called HITs, and they can be distinguished from other IPv6 addresses via the ORCHID prefix. Note that ORCHIDs are presently an experimental allocation by IANA. If the ORCHID allocation were to expire and HIT generation were to use a different prefix in the future, most users of the API would not be impacted, unless they explicitly checked the ORCHID prefix on returned HITs. Users who check (for consistency) that HITs have a valid ORCHID prefix must monitor the IANA allocation for ORCHIDs and adapt their software in case the ORCHID allocation were to be removed at a future date. Applications can observe the HIP layer and its identifiers in the networking stacks with varying degrees of visibility. [RFC5338] discusses the lowest levels of visibility in which applications are completely unaware of the underlying HIP layer. Such HIP-unaware applications in some circumstances use HIP-based identifiers, such as Local Scope Identifiers (LSIs) or HITs, instead of IPv4 or IPv6 addresses and cannot observe the identifier-locator bindings. Komu & Henderson Experimental [Page 3] RFC 6317 Basic API Extensions for HIP July 2011 This document specifies extensions to [RFC3493] to define a new socket address family, AF_HIP. Similarly to other address families, AF_HIP can be used as an alias for PF_HIP. The extensions also describe a new socket address structure for sockets using HITs explicitly and describe how the socket calls in [RFC3493] are adapted or extended as a result. Some applications may accept incoming communications from any identifier. Other applications may initiate outgoing communications without the knowledge of the peer identifier in opportunistic mode (Section 4.1.6 of [RFC5201]) by just relying on a peer locator. This document describes how to address both situations using "wildcards" as described in Section 4.1.1. This document references one additional API document [RFC6316] that defines multihoming and explicit-locator handling. Most of the extensions defined in this document can be used independently of the above document. The identity-locator split introduced by HIP introduces some policy- related challenges with datagram-oriented sockets, opportunistic mode, and manual bindings between HITs and locators. The extensions in this document are of an experimental nature and provide basic tools for experimenting with policies. Policy-related issues are left for further experimentation. To recap, the extensions in this document have three goals. The first goal is to allow HIP-aware applications to open sockets to other hosts based on the HITs alone, presuming that the underlying system can resolve the HITs to addresses used for initial contact. The second goal is that applications can explicitly initiate communications with unknown peer identifiers. The third goal is to illustrate how HIP-aware applications can use the Shim API [RFC6316] to manually map locators to HITs. This document was published as experimental because a number of its normative references had experimental status. The success of this experiment can be evaluated by a thorough implementation of the APIs defined. Komu & Henderson Experimental [Page 4] RFC 6317 Basic API Extensions for HIP July 2011 2. Terminology The terms used in this document are summarized in Table 1. +---------+--------------------------------------------------------+ | Term | Explanation | +---------+--------------------------------------------------------+ | FQDN | Fully Qualified Domain Name | | HIP | Host Identity Protocol | | HI | Host Identifier | | HIT | Host Identity
Load more

Recommended publications
  • The GNU C Library: System & Network Applications
    The GNU C Library: System & Network Applications For GNU C Libraries version 2.3.x by Sandra Loosemore with Richard M. Stallman, Roland McGrath, Andrew Oram, and Ulrich Drepper This manual documents the GNU C Libraries version 2.3.x. ISBN 1-882114-24-8, First Printing, March 2004. Published by: GNU Press Website: www.gnupress.org a division of the General: [email protected] Free Software Foundation Orders: [email protected] 51 Franklin St, Fifth Floor Tel: 617-542-5942 Boston, MA 02110-1301 USA Fax: 617-542-2652 Copyright © 1999, 2000, 2001, 2002, 2003, 2004 Free Software Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2, or any later version published by the Free Software Foundation; with the Invariant Sections being “Free Software and Free Manuals”, the “GNU Free Documentation License”," and the “GNU Lesser General Public License”, with the Front Cover Texts being “A GNU Manual”, and with the Back Cover Texts as in (a) below. A copy of the license is included in the section entitled “GNU Free Documentation License”. (a) The Back Cover Text is: You are free to copy and modify this GNU Manual. Buying copies from GNU Press supports the FSF in developing GNU and promoting software freedom. Cover art by Etienne Suvasa. Cover design by Jonathan Richard. Printed in USA. i Short Contents 1 Introduction ............................................ 1 2 Low-Level Input/Output .................................. 17 3 File-System Interface .................................... 71 4 Pipes and FIFOs ...................................... 119 5 Sockets .............................................. 125 6 Low-Level Terminal Interface ...........................
    [Show full text]
  • DNS and the DNS Cache Poisoning Attack
    Lecture 17: DNS and the DNS Cache Poisoning Attack Lecture Notes on “Computer and Network Security” by Avi Kak ([email protected]) June 25, 2021 3:21pm ©2021 Avinash Kak, Purdue University Goals: The Domain Name System BIND Configuring BIND Running BIND on your Ubuntu laptop Light-Weight Nameservers (and how to install them) DNS Cache Poisoning Attack Writing Perl and Python code for cache poisoning attacks Dan Kaminsky’s More Virulent DNS Cache Poisoning Attack CONTENTS Section Title Page 17.1 Internet, Harry Potter, and the Magic of DNS 3 17.2 DNS 5 17.3 An Example That Illustrates Extensive DNS 13 Lookups in Even the Simplest Client-Server Interactions 17.4 The Domain Name System and The dig Utility 28 17.5 host, nslookup, and whois Utilities for Name 42 Lookup 17.6 Creating a New Zone and Zone Transfers 45 17.7 DNS Cache 48 17.7.1 The TTL Time Interval 51 17.8 BIND 56 17.8.1 Configuring BIND 58 17.8.2 An Example of the named.conf Configuration File 64 17.8.3 Running BIND on Your Ubuntu Laptop 68 17.9 What Does it Mean to Run a Process in a 70 chroot Jail? 17.10 Phishing versus Pharming 73 17.11 DNS Cache Poisoning 74 17.12 Writing Perl and Python Code for Mounting a 81 DNS Cache Poisoning Attack 17.13 Dan Kaminsky’s More Virulent Exploit for 92 DNS Cache Poisoning 17.14 Homework Problems 99 Computer and Network Security by Avi Kak Lecture 17 Back to TOC 17.1 INTERNET, HARRY POTTER, AND THE MAGIC OF DNS If you have read Harry Potter, you are certainly familiar with the use of owl mail by the wizards and the witches.
    [Show full text]
  • Working with Oracle® Solaris 11.4 Directory and Naming Services: LDAP
    ® Working With Oracle Solaris 11.4 Directory and Naming Services: LDAP Part No: E61012 November 2020 Working With Oracle Solaris 11.4 Directory and Naming Services: LDAP Part No: E61012 Copyright © 2002, 2020, Oracle and/or its affiliates. License Restrictions Warranty/Consequential Damages Disclaimer This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. Warranty Disclaimer The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. Restricted Rights Notice If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs (including any operating system, integrated software, any programs embedded, installed or activated on delivered hardware, and modifications of such programs) and Oracle computer documentation or other Oracle data delivered to or accessed by U.S. Government end users
    [Show full text]
  • Z/OS V2R4.0 Communications Server: IP IMS Sockets Guide Summary of Changes for IP IMS Sockets Guide
    z/OS Communications Server Version 2.Release 4 IP IMS Sockets Guide IBM SC27-3653-40 Note: Before using this information and the product it supports, be sure to read the general information under “Notices” on page 303. This edition applies to Version 2 Release 4 of z/OS® (5650-ZOS), and to subsequent releases and modifications until otherwise indicated in new editions. Last updated: 2021-06-21 © Copyright International Business Machines Corporation 2000, 2020. US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Figures................................................................................................................. ix Tables................................................................................................................ xiii About this document.......................................................................................... xvii Who should read this document.............................................................................................................. xvii How this document is organized............................................................................................................. xviii How to use this document.......................................................................................................................xviii How to contact IBM service............................................................................................................... xviii Conventions and
    [Show full text]
  • Sockets/TCP/IP
    CS162: Operating Systems and Systems Programming Lecture 19: Networking: Sockets/TCP/ P 22 Ju"y 201$ Char"es &eiss %ttps://cs162.eecs.berkeley'edu/ Recal": Echo client-ser+er code void client(int sockfd) { int n; char sndbuf[MAXIN]; char rcvbuf[MAXOUT]; while (getreq(sndbuf, MAXIN)) { /* prompt + read */ write(sockfd, sndbuf, strlen(sndbuf)); /* send */ n=read(sockfd, rcvbuf, MAXOUT-1); /* receive */ if (n <= 0) return; /* handle error or EOF */ write(STDOUT_FILENO, rcvbuf, n); /* echo */ 3 3 void server(int consockfd) { int n; char reqbuf[MAXREQ]; while (1) { n = read(consockfd,reqbuf,MAXREQ-1); /* Recv */ if (n <= 0) return; /* handle error or EOF */ n = write(STDOUT_FILENO, reqbuf, strlen(reqbuf)); n = write(consockfd, reqbuf, strlen(reqbuf)); /* echo */ 3 2 3 Recal": Socket Setup o+er TCP/ P Server Socket new socket socket connection socket Client Server Specia" kind o- socket: server socket ― .as fi"e descriptor ― Can0t read or write Two operations: ― "isten1): start a""owing c"ients to connect ― accept(): create a new socket -or a particu"ar c"ient , Recal": Client Protocol char *hostname; char *portname; int sockfd; struct addrinfo *server; server = buildServerAddr(hostname, portname); /* Create a T P socket */ /* server-$ai%famil&: A(%)*+! ()Pv,) or A(%)*+!6 ()"v6) */ /* server-$ai%sockt&pe' S. /%ST0EA1 (byte-oriented) */ /* server-$ai%protocol' I""0.!.%! " */ sockfd = socket(server#>ai_family, server#$ai_socktype, server#$ai_protocol) /* Connect to server on port */ connect(sockfd, server#$ai_addr, server#>ai_addrlen); /* Carr&
    [Show full text]
  • CS162: Operating Systems and Systems Programming Lecture 20
    CS162: Operating Systems and Systems Programming Lecture 20: Networking: TCP/ P !finis#$% RPC (start'$ 23 Ju*y 201+ Char*es &eiss #ttps://cs162.eecs.berkeley,edu/ Recal*: Sockets .bstraction o/ network I/O inter/ace ― Bidirectional communication c#anne* ― 0ses file interface once esta-*is#ed ● read% write% c*ose Server setup: ― socket(), bind(), listen(), accept!$ ― read, write, c*ose from socket returned by accept Client setup: ― socket(), connect!$ ― t#en read, write, c*ose getaddrin/o($ to resolve names, addresses /or bind($ and connect!$ 2 Recal*: Layering Comple2 ser1ices from simpler ones TCP/IP networking layers: ― Physical + Link (4ireless, Ethernet, ..,$ ● Unrelia-*e, loca* e2c#ange o/ limited-si7ed frames ― Network (IP) – routing between networks ● Unrelia-*e, glo-a* e2c#ange o/ limited6si7ed packets ― Transport (TCP, 08P) – routing ● &elia-*ity, streams o/ bytes instead o/ packets, … ― .pplication – everything on top o/ sockets ( Recal*: Glue: Adding Functionality Physical Reality: Frames Abstraction: Stream Limited Size .r-itrary Si7e 0nordered (sometimes$ Ordered 0nre*iab*e Reliable <achine-to-machine Process-to-process On*y on local area net Routed anywhere .synchronous Synchronous Recal*: >ierarchical Networking: The nternet >ierarchy of networks – scales to mil*ions of host Other subnets "ranscontinental subnet1 Router #ink Router ther subnet$ subnets Router subnet2 + Recal*: Routing (2) Internet routing mechanism: routing tab*es ― 5ach router does tab*e lookup to decide which link to use to get packet closer to destination
    [Show full text]
  • Developer's Guide to Oracle® Solaris 11 Security
    ® Developer's Guide to Oracle Solaris 11 Security Part No: E36855 July 2014 Copyright © 2000, 2014, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable: U.S. GOVERNMENT END USERS. Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government. This software or hardware is developed for general use in a variety of information management applications.
    [Show full text]
  • Z/OS Communications Server Version 2.Release 4
    z/OS Communications Server Version 2.Release 4 IP CICS Sockets Guide IBM SC27-3649-40 Note: Before using this information and the product it supports, be sure to read the general information under “Notices” on page 583. This edition applies to Version 2 Release 4 of z/OS® (5650-ZOS), and to subsequent releases and modifications until otherwise indicated in new editions. Last updated: 2021-06-21 © Copyright International Business Machines Corporation 2000, 2020. US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Figures............................................................................................................... xiii Tables.................................................................................................................xxi About this document......................................................................................... xxiii Who should read this document............................................................................................................. xxiii How this document is organized............................................................................................................. xxiii How to use this document.......................................................................................................................xxiv How to contact IBM service............................................................................................................... xxiv Conventions and
    [Show full text]
  • TCP/IP Programmer's Reference
    VSI OpenVMS TCP/IP Programmer's Reference Document Number: DO-DVTPRG-01B Publication Date: January 2020 This manual documents the programmer's interface to VSI TCP/IP and is intended to guide the programmer in developing applications that use network services. Revision Update Information: This guide supercedes the VSI TCP/IP Programmer's Reference, Version 10.5. Operating System and Version: VSI OpenVMS Version 8.4-2L1 or higher Software Version: VSI TCP/IP for OpenVMS Version 10.6 VMS Software, Inc., (VSI) Bolton, Massachusetts, USA TCP/IP Programmer's Reference: Copyright © 2020 VMS Software, Inc. (VSI), Bolton, Massachusetts, USA Legal Notice Confidential computer software. Valid license from VSI required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice. The only warranties for VSI products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. VSI shall not be liable for technical or editorial errors or omissions contained herein. HPE, HPE Integrity, HPE Alpha, and HPE Proliant are trademarks or registered trademarks of Hewlett Packard Enterprise. Intel, Itanium and IA64 are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. Java, the coffee cup logo, and all Java based marks are trademarks or registered trademarks of Oracle Corporation in the United States or other countries.
    [Show full text]
  • Oracle® Solaris 11.3 Programming Interfaces Guide
    ® Oracle Solaris 11.3 Programming Interfaces Guide Part No: E54815 April 2019 Oracle Solaris 11.3 Programming Interfaces Guide Part No: E54815 Copyright © 2001, 2019, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S.
    [Show full text]
  • Working with Oracle® Solaris 11.3 Directory and Naming Services: LDAP
    ® Working With Oracle Solaris 11.3 Directory and Naming Services: LDAP Part No: E54912 September 2018 Working With Oracle Solaris 11.3 Directory and Naming Services: LDAP Part No: E54912 Copyright © 2002, 2018, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs.
    [Show full text]
  • TI Network Developer's Kit (NDK) API Reference Guide (Rev. K)
    TI Network Developer's Kit (NDK) API Reference Guide Literature Number: SPRU524K May 2001–Revised October 2017 Contents Preface ........................................................................................................................................ 9 1 Introduction ....................................................................................................................... 11 1.1 What This Document Covers ............................................................................................. 12 1.2 Introduction.................................................................................................................. 12 1.3 Supplemental API Information............................................................................................ 13 2 Operating System Abstraction API ....................................................................................... 14 2.1 Operating System Configuration ......................................................................................... 15 2.1.1 Configuration Structure ........................................................................................... 15 2.2 Task Support................................................................................................................ 17 2.2.1 Function Overview ................................................................................................ 17 2.2.2 Task API Functions ............................................................................................... 18 2.3 Semaphore
    [Show full text]