www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

Replace AcceptMutex, LockFile, RewriteLock, SSLMutex, SSLStaplingMutex,

Browse Source 
and WatchdogMutexPath with a single Mutex directive.  Add APIs to
simplify setup and user customization of APR proc and global mutexes.  
(See util_mutex.h.)  Build-time setting DEFAULT_LOCKFILE is no longer
respected; set DEFAULT_REL_RUNTIMEDIR instead.

Some existing modules, such as mod_ldap and mod_auth_digest gain 
configurability for their mutexes.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@883540 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Jeff Trawick
2009-11-23 23:17:51 +00:00
parent b5a24b1d4f
commit 2e9668a33d
31 changed files with 628 additions and 564 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
CHANGES
View File

@@ -10,6 +10,12 @@ Changes with Apache 2.3.3
mod_proxy_ftp: NULL pointer dereference on error paths.
[Stefan Fritsch <sf fritsch.de>, Joe Orton]
*) Replace AcceptMutex, LockFile, RewriteLock, SSLMutex, SSLStaplingMutex,
and WatchdogMutexPath with a single Mutex directive. Add APIs to
simplify setup and user customization of APR proc and global mutexes.
(See util_mutex.h.) Build-time setting DEFAULT_LOCKFILE is no longer
respected; set DEFAULT_REL_RUNTIMEDIR instead. [Jeff Trawick]
*) http_core: KeepAlive no longer accepts other than On|Off.
[Takashi Sato]

4
build/mkconfNW.awk
View File

@@ -100,8 +100,8 @@ match ($0,/^SSLSessionCache +"shmcb:/) {
sub(/^SSLSessionCache/, "#SSLSessionCache")
}
match ($0,/^SSLMutex +"file:@exp_runtimedir@\/ssl_mutex"/) {
sub(/"file:@exp_runtimedir@\/ssl_mutex"/, "default")
match ($0,/^Mutex +"file:@rel_runtimedir@"/) {
sub(/"file:@rel_runtimedir@"/, "default")
}
match ($0,/@@.*@@/) {

14
docs/conf/extra/httpd-mpm.conf.in
View File

@@ -12,20 +12,6 @@
PidFile "@rel_runtimedir@/httpd.pid"
</IfModule>
#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
<IfModule !mpm_simple_module>
<IfModule !mpm_winnt_module>
<IfModule !mpm_netware_module>
<IfModule !mpm_mpmt_os2_module>
LockFile "@rel_logfiledir@/accept.lock"
</IfModule>
</IfModule>
</IfModule>
</IfModule>
#
# Only one of the below sections will be relevant on your
# installed httpd. Use "apachectl -l" to find out the

5
docs/conf/extra/httpd-ssl.conf.in
View File

@@ -56,11 +56,6 @@ SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:@exp_runtimedir@/ssl_scache(512000)"
SSLSessionCacheTimeout 300
# Semaphore:
# Configure the path to the mutual exclusion semaphore the
# SSL engine uses internally for inter-process synchronization.
SSLMutex "file:@exp_runtimedir@/ssl_mutex"
##
## SSL Virtual Host Context
##

16
docs/conf/httpd.conf.in
View File

@@ -22,12 +22,22 @@
# configuration, error, and log files are kept.
#
# Do not add a slash at the end of the directory path. If you point
# ServerRoot at a non-local disk, be sure to point the LockFile directive
# at a local disk. If you wish to share the same ServerRoot for multiple
# httpd daemons, you will need to change at least LockFile and PidFile.
# ServerRoot at a non-local disk, be sure to specify a local disk on the
# Mutex directive, if file-based mutexes are used. If you wish to share the
# same ServerRoot for multiple httpd daemons, you will need to change at
# least PidFile.
#
ServerRoot "@@ServerRoot@@"
#
# Mutex: Allows you to set the mutex mechanism and mutex file directory
# for individual mutexes, or change the global defaults
#
# Uncomment only if mutexes are file-based and the default mutex file
# directory is not appropriate.
#
# Mutex default file:@rel_runtimedir@
#
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>

3
include/ap_mmn.h
View File

@@ -205,6 +205,7 @@
* 20091011.1 (2.3.3-dev) add debug_level to util_ldap_state_t
* 20091031.0 (2.3.3-dev) remove public LDAP referral-related macros
* 20091119.0 (2.3.4-dev) dav_error interface uses apr_status_t parm, not errno
* 20091119.1 (2.3.4-dev) ap_mutex_register(), ap_{proc,global}_mutex_create()
*
*/
@@ -213,7 +214,7 @@
#ifndef MODULE_MAGIC_NUMBER_MAJOR
#define MODULE_MAGIC_NUMBER_MAJOR 20091119
#endif
#define MODULE_MAGIC_NUMBER_MINOR 0 /* 0...n */
#define MODULE_MAGIC_NUMBER_MINOR 1 /* 0...n */
/**
* Determine if the server's current MODULE_MAGIC_NUMBER is at least a

4
include/ap_slotmem.h
View File

@@ -40,10 +40,6 @@
#include "apr_global_mutex.h"
#include "apr_file_io.h"
#ifdef AP_NEED_SET_MUTEX_PERMS
#include "unixd.h"
#endif
#if APR_HAVE_UNISTD_H
#include <unistd.h> /* for getpid() */
#endif

19
include/mpm_common.h
View File

@@ -264,20 +264,6 @@ extern const char *ap_pid_fname;
const char *ap_mpm_set_pidfile(cmd_parms *cmd, void *dummy,
const char *arg);
/**
* The name of lockfile used when Apache needs to lock the accept() call.
*/
extern const char *ap_lock_fname;
const char *ap_mpm_set_lockfile(cmd_parms *cmd, void *dummy,
const char *arg);
/**
* The system mutex implementation to use for the accept mutex.
*/
extern apr_lockmech_e ap_accept_lock_mech;
const char *ap_mpm_set_accept_lock_mech(cmd_parms *cmd, void *dummy,
const char *arg);
/*
* Set the scorboard file.
*/
@@ -347,6 +333,11 @@ AP_DECLARE_HOOK(apr_status_t, mpm_register_timed_callback,
/* get MPM name (e.g., "prefork" or "event") */
AP_DECLARE_HOOK(const char *,mpm_get_name,(void))
/* mutex type string for accept mutex, if any; MPMs should use the
* same mutex type for ease of configuration
*/
#define ap_accept_mutex_type "mpm-accept"
#ifdef __cplusplus
}
#endif

1
include/util_ldap.h
View File

@@ -156,7 +156,6 @@ typedef struct util_ldap_state_t {
/* cache ald */
void *util_ldap_cache;
char *lock_file; /* filename for shm lock mutex */
long connectionTimeout;
int verify_svr_cert;
int debug_level; /* SDK debug level */

104
include/util_mutex.h
View File

@@ -98,6 +98,110 @@ AP_DECLARE(apr_status_t) ap_parse_mutex(const char *arg, apr_pool_t *pool,
apr_lockmech_e *mutexmech,
const char **mutexfile);
/* private function to process the Mutex directive */
AP_DECLARE(const char *) ap_set_mutex(cmd_parms *cmd, void *dummy,
const char *typelist,
const char *mechfile);
/**
* option flags for ap_mutex_register(), ap_global_mutex_create(), and
* ap_proc_mutex_create()
*/
#define AP_MUTEX_ALLOW_NONE 1 /* allow "none" as mutex implementation;
* respected only on ap_mutex_register()
*/
#define AP_MUTEX_DEFAULT_NONE 2 /* default to "none" for this mutex;
* respected only on ap_mutex_register()
*/
/**
* Register a module's mutex type with core to allow configuration
* with the Mutex directive. This must be called in the pre_config
* hook; otherwise, configuration directives referencing this mutex
* type will be rejected.
*
* The default_dir and default_mech parameters allow a module to set
* defaults for the lock file directory and mechanism. These could
* be based on compile-time settings. These aren't required except
* in special circumstances.
*
* The order of precedence for the choice of mechanism and lock file
* directory is:
*
* 1. Mutex directive specifically for this mutex
* e.g., Mutex mpm-default flock:/tmp/mpmlocks
* 2. Mutex directive for global default
* e.g., Mutex default flock:/tmp/httpdlocks
* 3. Defaults for this mutex provided on the ap_mutex_register()
* 4. Built-in defaults for all mutexes, which are
* APR_LOCK_DEFAULT and DEFAULT_REL_RUNTIMEDIR.
*
* @param pconf The pconf pool
* @param type The type name of the mutex, used as the basename of the
* file associated with the mutex, if any. This must be unique among
* all mutex types (mutex creation accommodates multi-instance mutex
* types); mod_foo might have mutex types "foo-pipe" and "foo-shm"
* @param default_dir Default dir for any lock file required for this
* lock, to override built-in defaults; should be NULL for most
* modules, to respect built-in defaults
* @param default_mech Default mechanism for this lock, to override
* built-in defaults; should be APR_LOCK_DEFAULT for most modules, to
* respect built-in defaults
* or NULL if there are no defaults for this mutex.
* @param options combination of AP_MUTEX_* constants, or 0 for defaults
*/
AP_DECLARE(apr_status_t) ap_mutex_register(apr_pool_t *pconf,
const char *type,
const char *default_dir,
apr_lockmech_e default_mech,
apr_int32_t options);
/**
* Create an APR global mutex that has been registered previously with
* ap_mutex_register(). Mutex files, permissions, and error logging will
* be handled internally.
* @param mutex The memory address where the newly created mutex will be
* stored. If this mutex is disabled, mutex will be set to NULL on
* output. (That is allowed only if the AP_MUTEX_ALLOW_NONE flag is
* passed to ap_mutex_register().)
* @param type The type name of the mutex, matching the type name passed
* to ap_mutex_register().
* @param instance_id A unique string to be used in the lock filename IFF
* this mutex type is multi-instance, NULL otherwise.
* @param s server_rec of main server
* @param pconf pool
* @param options combination of AP_MUTEX_* constants, or 0 for defaults
* (currently none are defined for this function)
*/
AP_DECLARE(apr_status_t) ap_global_mutex_create(apr_global_mutex_t **mutex,
const char *type,
const char *instance_id,
server_rec *s,
apr_pool_t *pconf,
apr_int32_t options);
/**
* Create an APR proc mutex that has been registered previously with
* ap_mutex_register(). Mutex files, permissions, and error logging will
* be handled internally.
* @param mutex The memory address where the newly created mutex will be
* stored. If this mutex is disabled, mutex will be set to NULL on
* output. (That is allowed only if the AP_MUTEX_ALLOW_NONE flag is
* passed to ap_mutex_register().)
* @param type The type name of the mutex, matching the type name passed
* to ap_mutex_register().
* @param instance_id A unique string to be used in the lock filename IFF
* this mutex type is multi-instance, NULL otherwise.
* @param s server_rec of main server
* @param pconf pool
* @param options combination of AP_MUTEX_* constants, or 0 for defaults
* (currently none are defined for this function)
*/
AP_DECLARE(apr_status_t) ap_proc_mutex_create(apr_proc_mutex_t **mutex,
const char *type,
const char *instance_id,
server_rec *s, apr_pool_t *p,
apr_int32_t options);
#ifdef __cplusplus
}

42
modules/aaa/mod_auth_digest.c
View File

@@ -74,6 +74,7 @@
#include "http_protocol.h"
#include "apr_uri.h"
#include "util_md5.h"
#include "util_mutex.h"
#include "apr_shm.h"
#include "apr_rmm.h"
#include "ap_provider.h"
@@ -179,8 +180,8 @@ static unsigned long *opaque_cntr;
static apr_time_t *otn_counter; /* one-time-nonce counter */
static apr_global_mutex_t *client_lock = NULL;
static apr_global_mutex_t *opaque_lock = NULL;
static const char *client_lock_name;
static const char *opaque_lock_name;
static const char *client_lock_type = "authdigest-client";
static const char *opaque_lock_type = "authdigest-opaque";
static const char *client_shm_filename;
#define DEF_SHMEM_SIZE 1000L /* ~ 12 entries */
@@ -321,12 +322,7 @@ static int initialize_tables(server_rec *s, apr_pool_t *ctx)
client_list->tbl_len = num_buckets;
client_list->num_entries = 0;
client_lock_name = apr_psprintf(ctx, "%s/authdigest_lock.%"APR_PID_T_FMT, tempdir,
getpid());
/* FIXME: get the client_lock_name from a directive so we're portable
* to non-process-inheriting operating systems, like Win32. */
sts = apr_global_mutex_create(&client_lock, client_lock_name,
APR_LOCK_DEFAULT, ctx);
sts = ap_global_mutex_create(&client_lock, client_lock_type, NULL, s, ctx, 0);
if (sts != APR_SUCCESS) {
log_error_and_cleanup("failed to create lock (client_lock)", sts, s);
return !OK;
@@ -342,11 +338,7 @@ static int initialize_tables(server_rec *s, apr_pool_t *ctx)
}
*opaque_cntr = 1UL;
opaque_lock_name = apr_psprintf(ctx, "%s/authdigest_opaque_lock.%"APR_PID_T_FMT,
tempdir,
getpid());
sts = apr_global_mutex_create(&opaque_lock, opaque_lock_name,
APR_LOCK_DEFAULT, ctx);
sts = ap_global_mutex_create(&opaque_lock, opaque_lock_type, NULL, s, ctx, 0);
if (sts != APR_SUCCESS) {
log_error_and_cleanup("failed to create lock (opaque_lock)", sts, s);
return !OK;
@@ -370,6 +362,21 @@ static int initialize_tables(server_rec *s, apr_pool_t *ctx)
#endif /* APR_HAS_SHARED_MEMORY */
static int pre_init(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *ptemp)
{
apr_status_t rv;
rv = ap_mutex_register(pconf, client_lock_type, NULL, APR_LOCK_DEFAULT, 0);
if (rv == APR_SUCCESS) {
rv = ap_mutex_register(pconf, opaque_lock_type, NULL, APR_LOCK_DEFAULT,
0);
}
if (rv != APR_SUCCESS) {
return rv;
}
return OK;
}
static int initialize_module(apr_pool_t *p, apr_pool_t *plog,
apr_pool_t *ptemp, server_rec *s)
@@ -428,12 +435,16 @@ static void initialize_child(apr_pool_t *p, server_rec *s)
return;
}
sts = apr_global_mutex_child_init(&client_lock, client_lock_name, p);
sts = apr_global_mutex_child_init(&client_lock,
apr_global_mutex_lockfile(client_lock),
p);
if (sts != APR_SUCCESS) {
log_error_and_cleanup("failed to create lock (client_lock)", sts, s);
return;
}
sts = apr_global_mutex_child_init(&opaque_lock, opaque_lock_name, p);
sts = apr_global_mutex_child_init(&opaque_lock,
apr_global_mutex_lockfile(opaque_lock),
p);
if (sts != APR_SUCCESS) {
log_error_and_cleanup("failed to create lock (opaque_lock)", sts, s);
return;
@@ -2033,6 +2044,7 @@ static void register_hooks(apr_pool_t *p)
static const char * const cfgPost[]={ "http_core.c", NULL };
static const char * const parsePre[]={ "mod_proxy.c", NULL };
ap_hook_pre_config(pre_init, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_post_config(initialize_module, NULL, cfgPost, APR_HOOK_MIDDLE);
ap_hook_child_init(initialize_child, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_post_read_request(parse_hdr_and_update_nc, parsePre, NULL, APR_HOOK_MIDDLE);

86
modules/core/mod_watchdog.c
View File

@@ -20,10 +20,7 @@
#include "mod_watchdog.h"
#include "ap_provider.h"
#include "ap_mpm.h"
#ifdef AP_NEED_SET_MUTEX_PERMS
#include "unixd.h"
#endif
#include "util_mutex.h"
#define AP_WATCHODG_PGROUP "watchdog"
#define AP_WATCHODG_PVERSION "parent"
@@ -46,7 +43,6 @@ struct ap_watchdog_t
{
apr_thread_mutex_t *startup;
apr_proc_mutex_t *mutex;
const char *mutex_path;
const char *name;
watchdog_list_t *callbacks;
int is_running;
@@ -66,11 +62,11 @@ struct wd_server_conf_t
server_rec *s;
};
static char *wd_mutex_path = NULL;
static wd_server_conf_t *wd_server_conf = NULL;
static apr_interval_time_t wd_interval = AP_WD_TM_INTERVAL;
static int wd_interval_set = 0;
static int mpm_is_forked = AP_MPMQ_NOT_SUPPORTED;
static const char *wd_proc_mutex_type = "wd-proc";
static apr_status_t wd_worker_cleanup(void *data)
{
@@ -276,7 +272,8 @@ static apr_status_t wd_startup(ap_watchdog_t *w, apr_pool_t *p)
if (w->singleton) {
/* Initialize singleton mutex in child */
rc = apr_proc_mutex_child_init(&w->mutex, w->mutex_path, p);
rc = apr_proc_mutex_child_init(&w->mutex,
apr_proc_mutex_lockfile(w->mutex), p);
if (rc != APR_SUCCESS)
return rc;
}
@@ -387,38 +384,6 @@ static apr_status_t ap_watchdog_register_callback(ap_watchdog_t *w,
return APR_SUCCESS;
}
static apr_status_t wd_create_mutex(ap_watchdog_t *w, apr_pool_t *p)
{
apr_status_t rv;
apr_lockmech_e mech = APR_LOCK_DEFAULT;
const char *mb_path = wd_mutex_path ? wd_mutex_path : "logs";
w->mutex_path = ap_server_root_relative(p,
apr_pstrcat(p, mb_path,
"/.wdc-", w->name, ".mutex", NULL));
/* TODO: Check the mutex mechanisms */
#if APR_HAS_FCNTL_SERIALIZE
mech = APR_LOCK_FCNTL;
#else
#if APR_HAS_FLOCK_SERIALIZE
mech = APR_LOCK_FLOCK;
#endif
#endif
rv = apr_proc_mutex_create(&w->mutex, w->mutex_path, mech, p);
#ifdef AP_NEED_SET_MUTEX_PERMS
if (rv == APR_SUCCESS) {
rv = ap_unixd_set_proc_mutex_perms(w->mutex);
if (rv != APR_SUCCESS) {
/* Destroy the mutex early */
apr_proc_mutex_destroy(w->mutex);
w->mutex = NULL;
}
}
#endif
return rv;
}
/*--------------------------------------------------------------------------*/
/* */
/* Pre config hook. */
@@ -451,6 +416,12 @@ static int wd_pre_config_hook(apr_pool_t *pconf, apr_pool_t *plog,
return rv;
}
}
if ((rv = ap_mutex_register(pconf, wd_proc_mutex_type, NULL,
APR_LOCK_DEFAULT, 0)) != APR_SUCCESS) {
return rv;
}
return OK;
}
@@ -557,10 +528,10 @@ static int wd_post_config_hook(apr_pool_t *pconf, apr_pool_t *plog,
* Create mutexes for singleton watchdogs
*/
if (w->singleton) {
rv = wd_create_mutex(w, wd_server_conf->pool);
rv = ap_proc_mutex_create(&w->mutex, wd_proc_mutex_type,
w->name, s,
wd_server_conf->pool, 0);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s,
"Watchdog: Failed to create mutex.");
return rv;
}
}
@@ -612,30 +583,6 @@ static void wd_child_init_hook(apr_pool_t *p, server_rec *s)
}
}
/*--------------------------------------------------------------------------*/
/* */
/* WatchdogMutexPath directive */
/* */
/*--------------------------------------------------------------------------*/
static const char *wd_cmd_mutex_path(cmd_parms *cmd, void *dummy,
const char *arg)
{
const char *errs = ap_check_cmd_context(cmd, GLOBAL_ONLY);
if (errs != NULL)
return errs;
if (wd_mutex_path != NULL)
return "Duplicate WatchdogMutexPath directives are not allowed";
wd_mutex_path = apr_pstrdup(cmd->pool, arg);
if (wd_mutex_path == NULL)
return "Invalid WatchdogMutexPath name";
if (wd_mutex_path[strlen(wd_mutex_path) - 1] == '/')
wd_mutex_path[strlen(wd_mutex_path) - 1] = '\0';
return NULL;
}
/*--------------------------------------------------------------------------*/
/* */
/* WatchdogInterval directive */
@@ -666,13 +613,6 @@ static const char *wd_cmd_watchdog_int(cmd_parms *cmd, void *dummy,
/*--------------------------------------------------------------------------*/
static const command_rec wd_directives[] =
{
AP_INIT_TAKE1(
"WatchdogMutexPath", /* directive name */
wd_cmd_mutex_path, /* config action routine */
NULL, /* argument to include in call */
RSRC_CONF, /* where available */
"Path where the Watchdog mutexes will be created"
),
AP_INIT_TAKE1(
"WatchdogInterval", /* directive name */
wd_cmd_watchdog_int, /* config action routine */

4
modules/core/mod_watchdog.h
View File

@@ -44,10 +44,6 @@
#include "apr_global_mutex.h"
#include "apr_thread_mutex.h"
#ifdef AP_NEED_SET_MUTEX_PERMS
#include "unixd.h"
#endif
#if APR_HAVE_UNISTD_H
#include <unistd.h> /* for getpid() */
#endif

63
modules/examples/mod_example_ipc.c
View File

@@ -52,13 +52,9 @@
#include "http_config.h"
#include "http_log.h"
#include "http_protocol.h"
#include "util_mutex.h"
#include "ap_config.h"
#if !defined(OS2) && !defined(WIN32) && !defined(NETWARE)
#include "unixd.h"
#define MOD_EXIPC_SET_MUTEX_PERMS /* XXX Apache should define something */
#endif
#if APR_HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
@@ -80,7 +76,7 @@
apr_shm_t *exipc_shm; /* Pointer to shared memory block */
char *shmfilename; /* Shared memory file name, used on some systems */
apr_global_mutex_t *exipc_mutex; /* Lock around shared memory segment access */
char *mutexfilename; /* Lock file name, used on some systems */
static const char *exipc_mutex_type = "example-ipc-shm";
/* Data structure for shared memory block */
typedef struct exipc_data {
@@ -100,6 +96,18 @@ static apr_status_t shm_cleanup_wrapper(void *unused) {
return OK;
}
/*
* This routine is called in the parent; we must register our
* mutex type before the config is processed so that users can
* adjust the mutex settings using the Mutex directive.
*/
static int exipc_pre_config(apr_pool_t *pconf, apr_pool_t *plog,
apr_pool_t *ptemp)
{
ap_mutex_register(pconf, exipc_mutex_type, NULL, APR_LOCK_DEFAULT, 0);
return OK;
}
/*
* This routine is called in the parent, so we'll set up the shared
@@ -140,8 +148,8 @@ static int exipc_post_config(apr_pool_t *pconf, apr_pool_t *plog,
} /* Kilroy was here */
/*
* Both the shared memory and mutex allocation routines take a
* file name. Depending on system-specific implementation of these
* The shared memory allocation routines take a file name.
* Depending on system-specific implementation of these
* routines, that file may or may not actually be created. We'd
* like to store those files in the operating system's designated
* temporary directory, which APR can point us to.
@@ -178,40 +186,12 @@ static int exipc_post_config(apr_pool_t *pconf, apr_pool_t *plog,
/* Create global mutex */
/*
* Create another unique filename to lock upon. Note that
* depending on OS and locking mechanism of choice, the file
* may or may not be actually created.
*/
mutexfilename = apr_psprintf(pconf, "%s/httpd_mutex.%ld", tempdir,
(long int) getpid());
rs = apr_global_mutex_create(&exipc_mutex, (const char *) mutexfilename,
APR_LOCK_DEFAULT, pconf);
rs = ap_global_mutex_create(&exipc_mutex, exipc_mutex_type, NULL, s, pconf,
0);
if (APR_SUCCESS != rs) {
ap_log_error(APLOG_MARK, APLOG_ERR, rs, s,
"Failed to create mutex on file %s",
mutexfilename);
return HTTP_INTERNAL_SERVER_ERROR;
}
/*
* After the mutex is created, its permissions need to be adjusted
* on unix platforms so that the child processe can acquire
* it. This call takes care of that. The preprocessor define was
* set up early in this source file since Apache doesn't provide
* it.
*/
#ifdef MOD_EXIPC_SET_MUTEX_PERMS
rs = ap_unixd_set_global_mutex_perms(exipc_mutex);
if (APR_SUCCESS != rs) {
ap_log_error(APLOG_MARK, APLOG_CRIT, rs, s,
"Parent could not set permissions on Example IPC "
"mutex: check User and Group directives");
return HTTP_INTERNAL_SERVER_ERROR;
}
#endif /* MOD_EXIPC_SET_MUTEX_PERMS */
/*
* Destroy the shm segment when the configuration pool gets destroyed. This
* happens on server restarts. The parent will then (above) allocate a new
@@ -236,12 +216,12 @@ static void exipc_child_init(apr_pool_t *p, server_rec *s)
* the mutex pointer global here.
*/
rs = apr_global_mutex_child_init(&exipc_mutex,
(const char *) mutexfilename,
apr_global_mutex_lockfile(exipc_mutex),
p);
if (APR_SUCCESS != rs) {
ap_log_error(APLOG_MARK, APLOG_CRIT, rs, s,
"Failed to reopen mutex on file %s",
shmfilename);
"Failed to reopen mutex %s in child",
exipc_mutex_type);
/* There's really nothing else we can do here, since This
* routine doesn't return a status. If this ever goes wrong,
* it will turn Apache into a fork bomb. Let's hope it never
@@ -367,6 +347,7 @@ static int exipc_handler(request_rec *r)
static void exipc_register_hooks(apr_pool_t *p)
{
ap_hook_pre_config(exipc_pre_config, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_post_config(exipc_post_config, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_child_init(exipc_child_init, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_handler(exipc_handler, NULL, NULL, APR_HOOK_MIDDLE);

4
modules/generators/mod_info.c
View File

@@ -528,10 +528,6 @@ static int show_server_settings(request_rec * r)
ap_rputs(" -D DEFAULT_SCOREBOARD=\"" DEFAULT_SCOREBOARD "\"\n", r);
#endif
#ifdef DEFAULT_LOCKFILE
ap_rputs(" -D DEFAULT_LOCKFILE=\"" DEFAULT_LOCKFILE "\"\n", r);
#endif
#ifdef DEFAULT_ERRORLOG
ap_rputs(" -D DEFAULT_ERRORLOG=\"" DEFAULT_ERRORLOG "\"\n", r);
#endif

48
modules/ldap/util_ldap.c
View File

@@ -28,6 +28,7 @@
#include "http_log.h"
#include "http_protocol.h"
#include "http_request.h"
#include "util_mutex.h"
#include "util_ldap.h"
#include "util_ldap_cache.h"
@@ -41,10 +42,6 @@
#error mod_ldap requires APR-util to have LDAP support built in
#endif
#ifdef AP_NEED_SET_MUTEX_PERMS
#include "unixd.h"
#endif
/* Default define for ldap functions that need a SIZELIMIT but
* do not have the define
* XXX This should be removed once a supporting #define is
@@ -67,6 +64,7 @@
#define AP_LDAP_CHASEREFERRALS_ON 1
module AP_MODULE_DECLARE_DATA ldap_module;
static const char *ldap_cache_lock_type = "ldap-cache";
#define LDAP_CACHE_LOCK() do { \
if (st->util_ldap_cache_lock) \
@@ -2518,6 +2516,20 @@ static apr_status_t util_ldap_cleanup_module(void *data)
}
static int util_ldap_pre_config(apr_pool_t *pconf, apr_pool_t *plog,
apr_pool_t *ptemp)
{
apr_status_t result;
result = ap_mutex_register(pconf, ldap_cache_lock_type, NULL,
APR_LOCK_DEFAULT, 0);
if (result != APR_SUCCESS) {
return result;
}
return OK;
}
static int util_ldap_post_config(apr_pool_t *p, apr_pool_t *plog,
apr_pool_t *ptemp, server_rec *s)
{
@@ -2567,30 +2579,12 @@ static int util_ldap_post_config(apr_pool_t *p, apr_pool_t *plog,
return DONE;
}
#if APR_HAS_SHARED_MEMORY
if (st->cache_file) {
st->lock_file = apr_pstrcat(st->pool, st->cache_file, ".lck",
NULL);
}
#endif
result = apr_global_mutex_create(&st->util_ldap_cache_lock,
st->lock_file, APR_LOCK_DEFAULT,
st->pool);
result = ap_global_mutex_create(&st->util_ldap_cache_lock,
ldap_cache_lock_type, NULL, s, p, 0);
if (result != APR_SUCCESS) {
return result;
}
#ifdef AP_NEED_SET_MUTEX_PERMS
result = ap_unixd_set_global_mutex_perms(st->util_ldap_cache_lock);
if (result != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_CRIT, result, s,
"LDAP cache: failed to set mutex permissions");
return result;
}
#endif
/* merge config in all vhost */
s_vhost = s->next;
while (s_vhost) {
@@ -2607,7 +2601,6 @@ static int util_ldap_post_config(apr_pool_t *p, apr_pool_t *plog,
"for VHOST: %s", st->cache_shm, st->cache_rmm,
s_vhost->server_hostname);
#endif
st_vhost->lock_file = st->lock_file;
s_vhost = s_vhost->next;
}
#if APR_HAS_SHARED_MEMORY
@@ -2684,12 +2677,12 @@ static void util_ldap_child_init(apr_pool_t *p, server_rec *s)
if (!st->util_ldap_cache_lock) return;
sts = apr_global_mutex_child_init(&st->util_ldap_cache_lock,
st->lock_file, p);
apr_global_mutex_lockfile(st->util_ldap_cache_lock), p);
if (sts != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_CRIT, sts, s,
"Failed to initialise global mutex %s in child process %"
APR_PID_T_FMT ".",
st->lock_file, getpid());
ldap_cache_lock_type, getpid());
}
}
@@ -2795,6 +2788,7 @@ static void util_ldap_register_hooks(apr_pool_t *p)
APR_REGISTER_OPTIONAL_FN(uldap_ssl_supported);
APR_REGISTER_OPTIONAL_FN(uldap_cache_check_subgroups);
ap_hook_pre_config(util_ldap_pre_config, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_post_config(util_ldap_post_config,NULL,NULL,APR_HOOK_MIDDLE);
ap_hook_handler(util_ldap_handler, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_child_init(util_ldap_child_init, NULL, NULL, APR_HOOK_MIDDLE);

78
modules/mappers/mod_rewrite.c
View File

@@ -94,15 +94,12 @@
#include "http_log.h"
#include "http_protocol.h"
#include "http_vhost.h"
#include "util_mutex.h"
#include "mod_ssl.h"
#include "mod_rewrite.h"
#ifdef AP_NEED_SET_MUTEX_PERMS
#include "unixd.h"
#endif
static ap_dbd_t *(*dbd_acquire)(request_rec*) = NULL;
static void (*dbd_prepare)(server_rec*, const char*, const char*) = NULL;
@@ -382,8 +379,8 @@ static int proxy_available;
static int rewrite_rand_init_done = 0;
/* Locks/Mutexes */
static const char *lockname;
static apr_global_mutex_t *rewrite_mapr_lock_acquire = NULL;
const char *rewritemap_mutex_type = "rewrite-map";
/* Optional functions imported from mod_ssl when loaded: */
static APR_OPTIONAL_FN_TYPE(ssl_var_lookup) *rewrite_ssl_lookup = NULL;
@@ -1232,7 +1229,6 @@ static apr_status_t run_rewritemap_programs(server_rec *s, apr_pool_t *p)
rewrite_server_conf *conf;
apr_hash_index_t *hi;
apr_status_t rc;
int lock_warning_issued = 0;
conf = ap_get_module_config(s->module_config, &rewrite_module);
@@ -1259,13 +1255,6 @@ static apr_status_t run_rewritemap_programs(server_rec *s, apr_pool_t *p)
continue;
}
if (!lock_warning_issued && (!lockname || !*lockname)) {
ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
"mod_rewrite: Running external rewrite maps "
"without defining a RewriteLock is DANGEROUS!");
++lock_warning_issued;
}
rc = rewritemap_program_child(p, map->argv[0], map->argv,
&fpout, &fpin);
if (rc != APR_SUCCESS || fpin == NULL || fpout == NULL) {
@@ -2646,45 +2635,26 @@ static apr_status_t rewritelock_create(server_rec *s, apr_pool_t *p)
{
apr_status_t rc;
/* only operate if a lockfile is used */
if (lockname == NULL || *(lockname) == '\0') {
return APR_SUCCESS;
}
/* create the lockfile */
rc = apr_global_mutex_create(&rewrite_mapr_lock_acquire, lockname,
APR_LOCK_DEFAULT, p);
/* XXX See if there are any rewrite map programs before creating
* the mutex.
*/
rc = ap_global_mutex_create(&rewrite_mapr_lock_acquire,
rewritemap_mutex_type, NULL, s, p, 0);
if (rc != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_CRIT, rc, s,
"mod_rewrite: Parent could not create RewriteLock "
"file %s", lockname);
return rc;
}
#ifdef AP_NEED_SET_MUTEX_PERMS
rc = ap_unixd_set_global_mutex_perms(rewrite_mapr_lock_acquire);
if (rc != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_CRIT, rc, s,
"mod_rewrite: Parent could not set permissions "
"on RewriteLock; check User and Group directives");
return rc;
}
#endif
return APR_SUCCESS;
}
static apr_status_t rewritelock_remove(void *data)
{
/* only operate if a lockfile is used */
if (lockname == NULL || *(lockname) == '\0') {
return APR_SUCCESS;
}
/* destroy the rewritelock */
apr_global_mutex_destroy (rewrite_mapr_lock_acquire);
rewrite_mapr_lock_acquire = NULL;
lockname = NULL;
if (rewrite_mapr_lock_acquire) {
apr_global_mutex_destroy(rewrite_mapr_lock_acquire);
rewrite_mapr_lock_acquire = NULL;
}
return(0);
}
@@ -3158,23 +3128,6 @@ static const char *cmd_rewritemap(cmd_parms *cmd, void *dconf, const char *a1,
return NULL;
}
static const char *cmd_rewritelock(cmd_parms *cmd, void *dconf, const char *a1)
{
const char *error;
if ((error = ap_check_cmd_context(cmd, GLOBAL_ONLY)) != NULL)
return error;
/* fixup the path, especially for rewritelock_remove() */
lockname = ap_server_root_relative(cmd->pool, a1);
if (!lockname) {
return apr_pstrcat(cmd->pool, "Invalid RewriteLock path ", a1, NULL);
}
return NULL;
}
static const char *cmd_rewritebase(cmd_parms *cmd, void *in_dconf,
const char *a1)
{
@@ -4279,6 +4232,8 @@ static int pre_config(apr_pool_t *pconf,
{
APR_OPTIONAL_FN_TYPE(ap_register_rewrite_mapfunc) *map_pfn_register;
ap_mutex_register(pconf, rewritemap_mutex_type, NULL, APR_LOCK_DEFAULT, 0);
/* register int: rewritemap handlers */
map_pfn_register = APR_RETRIEVE_OPTIONAL_FN(ap_register_rewrite_mapfunc);
if (map_pfn_register) {
@@ -4348,9 +4303,9 @@ static void init_child(apr_pool_t *p, server_rec *s)
{
apr_status_t rv = 0; /* get a rid of gcc warning (REWRITELOG_DISABLED) */
if (lockname != NULL && *(lockname) != '\0') {
if (rewrite_mapr_lock_acquire) {
rv = apr_global_mutex_child_init(&rewrite_mapr_lock_acquire,
lockname, p);
apr_global_mutex_lockfile(rewrite_mapr_lock_acquire), p);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s,
"mod_rewrite: could not init rewrite_mapr_lock_acquire"
@@ -5023,9 +4978,6 @@ static const command_rec command_table[] = {
"an URL-applied regexp-pattern and a substitution URL"),
AP_INIT_TAKE2( "RewriteMap", cmd_rewritemap, NULL, RSRC_CONF,
"a mapname and a filename"),
AP_INIT_TAKE1( "RewriteLock", cmd_rewritelock, NULL, RSRC_CONF,
"the filename of a lockfile used for inter-process "
"synchronization"),
#ifndef REWRITELOG_DISABLED
AP_INIT_TAKE1( "RewriteLog", cmd_rewritelog, NULL, RSRC_CONF,
"the filename of the rewriting logfile"),

8
modules/ssl/mod_ssl.c
View File

@@ -54,7 +54,6 @@ static const command_rec ssl_config_cmds[] = {
/*
* Global (main-server) context configuration directives
*/
SSL_CMD_SRV(Mutex, TAKE1, AP_ALL_AVAILABLE_MUTEXES_STRING)
SSL_CMD_SRV(PassPhraseDialog, TAKE1,
"SSL dialog mechanism for the pass phrase query "
"('builtin', '|/path/to/pipe_program', "
@@ -201,7 +200,6 @@ static const command_rec ssl_config_cmds[] = {
/*
* OCSP Stapling options
*/
SSL_CMD_SRV(StaplingMutex, TAKE1, AP_ALL_AVAILABLE_MUTEXES_STRING)
SSL_CMD_SRV(StaplingCache, TAKE1,
"SSL Stapling Response Cache storage "
"(`dbm:/path/to/file')")
@@ -313,6 +311,12 @@ static int ssl_hook_pre_config(apr_pool_t *pconf,
/* Register to handle mod_status status page generation */
ssl_scache_status_register(pconf);
/* Register mutex type names so they can be configured with Mutex */
ap_mutex_register(pconf, ssl_cache_mutex_type, NULL, APR_LOCK_DEFAULT, 0);
#ifdef HAVE_OCSP_STAPLING
ap_mutex_register(pconf, ssl_stapling_mutex_type, NULL, APR_LOCK_DEFAULT, 0);
#endif
return OK;
}

83
modules/ssl/ssl_engine_config.c
View File

@@ -61,9 +61,6 @@ SSLModConfigRec *ssl_config_global_create(server_rec *s)
*/
mc->sesscache_mode = SSL_SESS_CACHE_OFF;
mc->sesscache = NULL;
mc->nMutexMode = SSL_MUTEXMODE_UNSET;
mc->nMutexMech = APR_LOCK_DEFAULT;
mc->szMutexFile = NULL;
mc->pMutex = NULL;
mc->aRandSeed = apr_array_make(pool, 4,
sizeof(ssl_randseed_t));
@@ -74,11 +71,8 @@ SSLModConfigRec *ssl_config_global_create(server_rec *s)
mc->szCryptoDevice = NULL;
#endif
#ifdef HAVE_OCSP_STAPLING
mc->stapling_cache = NULL;
mc->stapling_mutex_mode = SSL_MUTEXMODE_UNSET;
mc->stapling_mutex_mech = APR_LOCK_DEFAULT;
mc->stapling_mutex_file = NULL;
mc->stapling_mutex = NULL;
mc->stapling_cache = NULL;
mc->stapling_mutex = NULL;
#endif
memset(mc->pTmpKeys, 0, sizeof(mc->pTmpKeys));
@@ -383,41 +377,6 @@ void *ssl_config_perdir_merge(apr_pool_t *p, void *basev, void *addv)
* Configuration functions for particular directives
*/
const char *ssl_cmd_SSLMutex(cmd_parms *cmd,
void *dcfg,
const char *arg_)
{
apr_status_t rv;
const char *err;
SSLModConfigRec *mc = myModConfig(cmd->server);
if ((err = ap_check_cmd_context(cmd, GLOBAL_ONLY))) {
return err;
}
if (ssl_config_global_isfixed(mc)) {
return NULL;
}
rv = ap_parse_mutex(arg_, cmd->server->process->pool,
&mc->nMutexMech, &mc->szMutexFile);
if (rv == APR_ENOLOCK) {
mc->nMutexMode = SSL_MUTEXMODE_NONE;
return NULL;
} else if (rv == APR_ENOTIMPL) {
return apr_pstrcat(cmd->pool, "Invalid SSLMutex argument ", arg_,
" (" AP_ALL_AVAILABLE_MUTEXES_STRING ")", NULL);
} else if (rv == APR_BADARG) {
return apr_pstrcat(cmd->pool, "Invalid SSLMutex filepath ",
arg_, NULL);
}
mc->nMutexMode = SSL_MUTEXMODE_USED;
return NULL;
}
const char *ssl_cmd_SSLPassPhraseDialog(cmd_parms *cmd,
void *dcfg,
const char *arg)
@@ -1546,44 +1505,6 @@ const char *ssl_cmd_SSLStaplingCache(cmd_parms *cmd,
return NULL;
}
const char *ssl_cmd_SSLStaplingMutex(cmd_parms *cmd,
void *dcfg,
const char *arg_)
{
apr_status_t rv;
const char *err;
SSLModConfigRec *mc = myModConfig(cmd->server);
if ((err = ap_check_cmd_context(cmd, GLOBAL_ONLY))) {
return err;
}
if (ssl_config_global_isfixed(mc)) {
return NULL;
}
rv = ap_parse_mutex(arg_, cmd->server->process->pool,
&mc->stapling_mutex_mech, &mc->stapling_mutex_file);
if (rv == APR_ENOLOCK) {
mc->stapling_mutex_mode = SSL_MUTEXMODE_NONE;
return NULL;
}
else if (rv == APR_ENOTIMPL) {
return apr_pstrcat(cmd->pool, "Invalid SSLStaplingMutex argument ",
arg_,
" (" AP_ALL_AVAILABLE_MUTEXES_STRING ")", NULL);
}
else if (rv == APR_BADARG) {
return apr_pstrcat(cmd->pool, "Invalid SSLStaplingMutex filepath ",
arg_, NULL);
}
mc->stapling_mutex_mode = SSL_MUTEXMODE_USED;
return NULL;
}
const char *ssl_cmd_SSLUseStapling(cmd_parms *cmd, void *dcfg, int flag)
{
SSLSrvConfigRec *sc = mySrvConfig(cmd->server);

45
modules/ssl/ssl_engine_mutex.c
View File

@@ -30,10 +30,6 @@
#include "ssl_private.h"
#ifdef AP_NEED_SET_MUTEX_PERMS
#include "unixd.h"
#endif
int ssl_mutex_init(server_rec *s, apr_pool_t *p)
{
SSLModConfigRec *mc = myModConfig(s);
@@ -50,35 +46,13 @@ int ssl_mutex_init(server_rec *s, apr_pool_t *p)
if (mc->pMutex) {
return TRUE;
}
else if (mc->nMutexMode == SSL_MUTEXMODE_NONE) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
"An SSLMutex is required for the '%s' session cache",
mc->sesscache->name);
return FALSE;
}
if ((rv = apr_global_mutex_create(&mc->pMutex, mc->szMutexFile,
mc->nMutexMech, s->process->pool))
if ((rv = ap_global_mutex_create(&mc->pMutex, ssl_cache_mutex_type, NULL,
s, s->process->pool, 0))
!= APR_SUCCESS) {
if (mc->szMutexFile)
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
"Cannot create SSLMutex with file `%s'",
mc->szMutexFile);
else
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
"Cannot create SSLMutex");
return FALSE;
}
#ifdef AP_NEED_SET_MUTEX_PERMS
rv = ap_unixd_set_global_mutex_perms(mc->pMutex);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
"Could not set permissions on ssl_mutex; check User "
"and Group directives");
return FALSE;
}
#endif
return TRUE;
}
@@ -86,21 +60,24 @@ int ssl_mutex_reinit(server_rec *s, apr_pool_t *p)
{
SSLModConfigRec *mc = myModConfig(s);
apr_status_t rv;
const char *lockfile;
if (mc->nMutexMode == SSL_MUTEXMODE_NONE || !mc->sesscache
if (mc->pMutex == NULL || !mc->sesscache
|| (mc->sesscache->flags & AP_SOCACHE_FLAG_NOTMPSAFE) == 0) {
return TRUE;
}
lockfile = apr_global_mutex_lockfile(mc->pMutex);
if ((rv = apr_global_mutex_child_init(&mc->pMutex,
mc->szMutexFile, p)) != APR_SUCCESS) {
if (mc->szMutexFile)
lockfile,
p)) != APR_SUCCESS) {
if (lockfile)
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
"Cannot reinit SSLMutex with file `%s'",
mc->szMutexFile);
"Cannot reinit %s mutex with file `%s'",
ssl_cache_mutex_type, lockfile);
else
ap_log_error(APLOG_MARK, APLOG_WARNING, rv, s,
"Cannot reinit SSLMutex");
"Cannot reinit %s mutex", ssl_cache_mutex_type);
return FALSE;
}
return TRUE;

22
modules/ssl/ssl_private.h
View File

@@ -39,6 +39,7 @@
#include "util_script.h"
#include "util_filter.h"
#include "util_ebcdic.h"
#include "util_mutex.h"
#include "apr.h"
#include "apr_strings.h"
#define APR_WANT_STRFUNC
@@ -266,15 +267,6 @@ typedef enum {
#define SSL_PCM_ISNONZERO 8
typedef unsigned int ssl_pathcheck_t;
/**
* Define the SSL mutex modes
*/
typedef enum {
SSL_MUTEXMODE_UNSET = UNSET,
SSL_MUTEXMODE_NONE = 0,
SSL_MUTEXMODE_USED = 1
} ssl_mutexmode_t;
/**
* Define the SSL enabled state
*/
@@ -403,9 +395,6 @@ typedef struct {
const ap_socache_provider_t *sesscache;
ap_socache_instance_t *sesscache_context;
ssl_mutexmode_t nMutexMode;
apr_lockmech_e nMutexMech;
const char *szMutexFile;
apr_global_mutex_t *pMutex;
apr_array_header_t *aRandSeed;
apr_hash_t *tVHostKeys;
@@ -419,9 +408,6 @@ typedef struct {
#ifdef HAVE_OCSP_STAPLING
const ap_socache_provider_t *stapling_cache;
ap_socache_instance_t *stapling_cache_context;
ssl_mutexmode_t stapling_mutex_mode;
apr_lockmech_e stapling_mutex_mech;
const char *stapling_mutex_file;
apr_global_mutex_t *stapling_mutex;
#endif
@@ -566,7 +552,6 @@ void *ssl_config_server_create(apr_pool_t *, server_rec *);
void *ssl_config_server_merge(apr_pool_t *, void *, void *);
void *ssl_config_perdir_create(apr_pool_t *, char *);
void *ssl_config_perdir_merge(apr_pool_t *, void *, void *);
const char *ssl_cmd_SSLMutex(cmd_parms *, void *, const char *);
const char *ssl_cmd_SSLPassPhraseDialog(cmd_parms *, void *, const char *);
const char *ssl_cmd_SSLCryptoDevice(cmd_parms *, void *, const char *);
const char *ssl_cmd_SSLRandomSeed(cmd_parms *, void *, const char *, const char *, const char *);
@@ -666,7 +651,6 @@ int ssl_engine_disable(conn_rec *c);
/** OCSP Stapling Support */
#ifdef HAVE_OCSP_STAPLING
const char *ssl_cmd_SSLStaplingMutex(cmd_parms *, void *, const char *);
const char *ssl_cmd_SSLStaplingCache(cmd_parms *, void *, const char *);
const char *ssl_cmd_SSLUseStapling(cmd_parms *, void *, int);
const char *ssl_cmd_SSLStaplingResponseTimeSkew(cmd_parms *, void *, const char *);
@@ -741,6 +725,10 @@ int ssl_mutex_off(server_rec *);
int ssl_stapling_mutex_init(server_rec *, apr_pool_t *);
int ssl_stapling_mutex_reinit(server_rec *, apr_pool_t *);
/* mutex type names for Mutex directive */
#define ssl_cache_mutex_type "ssl-cache"
#define ssl_stapling_mutex_type "ssl-stapling"
/** Logfile Support */
void ssl_die(void);
void ssl_log_ssl_error(const char *, int, int, server_rec *);

47
modules/ssl/ssl_util_stapling.c
View File

@@ -32,10 +32,6 @@
#include "ap_mpm.h"
#include "apr_thread_mutex.h"
#ifdef AP_NEED_SET_MUTEX_PERMS
#include "unixd.h"
#endif
#ifdef HAVE_OCSP_STAPLING
/**
@@ -480,36 +476,13 @@ int ssl_stapling_mutex_init(server_rec *s, apr_pool_t *p)
if (mc->stapling_mutex || sc->server->stapling_enabled != TRUE) {
return TRUE;
}
if (mc->stapling_mutex_mode == SSL_MUTEXMODE_NONE
|| mc->stapling_mutex_mode == SSL_MUTEXMODE_UNSET) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
"An SSLStaplingMutex is required for OCSP Stapling");
if ((rv = ap_global_mutex_create(&mc->stapling_mutex,
ssl_stapling_mutex_type, NULL, s,
s->process->pool, 0)) != APR_SUCCESS) {
return FALSE;
}
if ((rv = apr_global_mutex_create(&mc->stapling_mutex,
mc->stapling_mutex_file,
mc->stapling_mutex_mech, s->process->pool))
!= APR_SUCCESS) {
if (mc->stapling_mutex_file)
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
"Cannot create SSLStaplingMutex with file `%s'",
mc->stapling_mutex_file);
else
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
"Cannot create SSLStaplingMutex");
return FALSE;
}
#ifdef AP_NEED_SET_MUTEX_PERMS
rv = ap_unixd_set_global_mutex_perms(mc->stapling_mutex);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
"Could not set permissions on ssl_mutex; check User "
"and Group directives");
return FALSE;
}
#endif
return TRUE;
}
@@ -517,21 +490,23 @@ int ssl_stapling_mutex_reinit(server_rec *s, apr_pool_t *p)
{
SSLModConfigRec *mc = myModConfig(s);
apr_status_t rv;
const char *lockfile;
if (mc->stapling_mutex == NULL) {
return TRUE;
}
lockfile = apr_global_mutex_lockfile(mc->stapling_mutex);
if ((rv = apr_global_mutex_child_init(&mc->stapling_mutex,
mc->stapling_mutex_file, p)) != APR_SUCCESS) {
if (mc->stapling_mutex_file) {
lockfile, p)) != APR_SUCCESS) {
if (lockfile) {
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
"Cannot reinit SSLMutex with file `%s'",
mc->szMutexFile);
"Cannot reinit %s mutex with file `%s'",
ssl_stapling_mutex_type, lockfile);
}
else {
ap_log_error(APLOG_MARK, APLOG_WARNING, rv, s,
"Cannot reinit SSLMutex");
"Cannot reinit %s mutex", ssl_stapling_mutex_type);
}
return FALSE;
}

6
server/core.c
View File

@@ -3319,6 +3319,8 @@ AP_INIT_TAKE1("LimitRequestBody", set_limit_req_body,
AP_INIT_TAKE1("LimitXMLRequestBody", set_limit_xml_req_body, NULL, OR_ALL,
"Limit (in bytes) on maximum size of an XML-based request "
"body"),
AP_INIT_TAKE2("Mutex", ap_set_mutex, NULL, RSRC_CONF,
"mutex (or \"default\") and mechanism"),
/* System Resource Controls */
#ifdef RLIMIT_CPU
@@ -3378,14 +3380,10 @@ AP_INIT_TAKE1("PidFile", ap_mpm_set_pidfile, NULL, RSRC_CONF,
"A file for logging the server process ID"),
AP_INIT_TAKE1("ScoreBoardFile", ap_mpm_set_scoreboard, NULL, RSRC_CONF,
"A file for Apache to maintain runtime process management information"),
AP_INIT_TAKE1("LockFile", ap_mpm_set_lockfile, NULL, RSRC_CONF,
"The lockfile used when Apache needs to lock the accept() call (deprecated)"),
AP_INIT_TAKE1("MaxRequestsPerChild", ap_mpm_set_max_requests, NULL, RSRC_CONF,
"Maximum number of requests a particular child serves before dying."),
AP_INIT_TAKE1("CoreDumpDirectory", ap_mpm_set_coredumpdir, NULL, RSRC_CONF,
"The location of the directory Apache changes to before dumping core"),
AP_INIT_TAKE1("AcceptMutex", ap_mpm_set_accept_lock_mech, NULL, RSRC_CONF,
AP_AVAILABLE_MUTEXES_STRING),
AP_INIT_TAKE1("MaxMemFree", ap_mpm_set_max_mem_free, NULL, RSRC_CONF,
"Maximum number of 1k blocks a particular childs allocator may hold."),
AP_INIT_TAKE1("ThreadStackSize", ap_mpm_set_thread_stacksize, NULL, RSRC_CONF,

4
server/main.c
View File

@@ -237,10 +237,6 @@ static void show_compile_settings(void)
printf(" -D DEFAULT_SCOREBOARD=\"" DEFAULT_SCOREBOARD "\"\n");
#endif
#ifdef DEFAULT_LOCKFILE
printf(" -D DEFAULT_LOCKFILE=\"" DEFAULT_LOCKFILE "\"\n");
#endif
#ifdef DEFAULT_ERRORLOG
printf(" -D DEFAULT_ERRORLOG=\"" DEFAULT_ERRORLOG "\"\n");
#endif

5
server/mpm/prefork/mpm_default.h
View File

@@ -46,11 +46,6 @@
#define DEFAULT_MIN_FREE_DAEMON 5
#endif
/* File used for accept locking, when we use a file */
#ifndef DEFAULT_LOCKFILE
#define DEFAULT_LOCKFILE DEFAULT_REL_RUNTIMEDIR "/accept.lock"
#endif
/* Where the main/parent process's pid is logged */
#ifndef DEFAULT_PIDLOG
#define DEFAULT_PIDLOG DEFAULT_REL_RUNTIMEDIR "/httpd.pid"

43
server/mpm/prefork/prefork.c
View File

@@ -41,6 +41,7 @@
#include "http_connection.h"
#include "scoreboard.h"
#include "ap_mpm.h"
#include "util_mutex.h"
#include "unixd.h"
#include "mpm_common.h"
#include "ap_listen.h"
@@ -457,6 +458,7 @@ static void child_main(int child_num_arg)
ap_sb_handle_t *sbh;
apr_bucket_alloc_t *bucket_alloc;
int last_poll_idx = 0;
const char *lockfile;
mpm_state = AP_MPMQ_STARTING; /* for benefit of any hooks that run as this
* child initializes
@@ -487,11 +489,16 @@ static void child_main(int child_num_arg)
/* needs to be done before we switch UIDs so we have permissions */
ap_reopen_scoreboard(pchild, NULL, 0);
status = apr_proc_mutex_child_init(&accept_mutex, ap_lock_fname, pchild);
lockfile = apr_proc_mutex_lockfile(accept_mutex);
status = apr_proc_mutex_child_init(&accept_mutex,
lockfile,
pchild);
if (status != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_EMERG, status, ap_server_conf,
"Couldn't initialize cross-process lock in child "
"(%s) (%d)", ap_lock_fname, ap_accept_lock_mech);
"(%s) (%s)",
lockfile ? lockfile : "none",
apr_proc_mutex_name(accept_mutex));
clean_child_exit(APEXIT_CHILDFATAL);
}
@@ -908,36 +915,13 @@ static int prefork_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s)
ap_log_pid(pconf, ap_pid_fname);
/* Initialize cross-process accept lock */
ap_lock_fname = apr_psprintf(_pconf, "%s.%" APR_PID_T_FMT,
ap_server_root_relative(_pconf, ap_lock_fname),
ap_my_pid);
rv = apr_proc_mutex_create(&accept_mutex, ap_lock_fname,
ap_accept_lock_mech, _pconf);
rv = ap_proc_mutex_create(&accept_mutex, ap_accept_mutex_type, NULL, s,
_pconf, 0);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
"Couldn't create accept lock (%s) (%d)",
ap_lock_fname, ap_accept_lock_mech);
mpm_state = AP_MPMQ_STOPPING;
return DONE;
}
#if APR_USE_SYSVSEM_SERIALIZE
if (ap_accept_lock_mech == APR_LOCK_DEFAULT ||
ap_accept_lock_mech == APR_LOCK_SYSVSEM) {
#else
if (ap_accept_lock_mech == APR_LOCK_SYSVSEM) {
#endif
rv = ap_unixd_set_proc_mutex_perms(accept_mutex);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
"Couldn't set permissions on cross-process lock; "
"check User and Group directives");
mpm_state = AP_MPMQ_STOPPING;
return DONE;
}
}
if (!is_graceful) {
if (ap_run_pre_mpm(s->process->pool, SB_SHARED) != OK) {
mpm_state = AP_MPMQ_STOPPING;
@@ -988,7 +972,7 @@ static int prefork_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s)
ap_log_error(APLOG_MARK, APLOG_INFO, 0, ap_server_conf,
"Server built: %s", ap_get_server_built());
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
"AcceptMutex: %s (default: %s)",
"Accept mutex: %s (default: %s)",
apr_proc_mutex_name(accept_mutex),
apr_proc_mutex_defname());
restart_pending = shutdown_pending = 0;
@@ -1284,6 +1268,8 @@ static int prefork_pre_config(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp
foreground = ap_exists_config_define("FOREGROUND");
}
ap_mutex_register(p, ap_accept_mutex_type, NULL, APR_LOCK_DEFAULT, 0);
/* sigh, want this only the second time around */
retained = ap_retained_data_get(userdata_key);
if (!retained) {
@@ -1313,7 +1299,6 @@ static int prefork_pre_config(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp
server_limit = DEFAULT_SERVER_LIMIT;
ap_daemons_limit = server_limit;
ap_pid_fname = DEFAULT_PIDLOG;
ap_lock_fname = DEFAULT_LOCKFILE;
ap_max_requests_per_child = DEFAULT_MAX_REQUESTS_PER_CHILD;
ap_extended_status = 0;
ap_max_mem_free = APR_ALLOCATOR_MAX_FREE_UNLIMITED;

5
server/mpm/worker/mpm_default.h
View File

@@ -50,11 +50,6 @@
#define DEFAULT_THREADS_PER_CHILD 25
#endif
/* File used for accept locking, when we use a file */
#ifndef DEFAULT_LOCKFILE
#define DEFAULT_LOCKFILE DEFAULT_REL_RUNTIMEDIR "/accept.lock"
#endif
/* Where the main/parent process's pid is logged */
#ifndef DEFAULT_PIDLOG
#define DEFAULT_PIDLOG DEFAULT_REL_RUNTIMEDIR "/httpd.pid"

35
server/mpm/worker/worker.c
View File

@@ -64,6 +64,7 @@
#include "scoreboard.h"
#include "fdqueue.h"
#include "mpm_default.h"
#include "util_mutex.h"
#include "unixd.h"
#include <signal.h>
@@ -1172,7 +1173,8 @@ static void child_main(int child_num_arg)
/*stuff to do before we switch id's, so we have permissions.*/
ap_reopen_scoreboard(pchild, NULL, 0);
rv = SAFE_ACCEPT(apr_proc_mutex_child_init(&accept_mutex, ap_lock_fname,
rv = SAFE_ACCEPT(apr_proc_mutex_child_init(&accept_mutex,
apr_proc_mutex_lockfile(accept_mutex),
pchild));
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, ap_server_conf,
@@ -1692,35 +1694,13 @@ static int worker_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s)
ap_log_pid(pconf, ap_pid_fname);
/* Initialize cross-process accept lock */
ap_lock_fname = apr_psprintf(_pconf, "%s.%" APR_PID_T_FMT,
ap_server_root_relative(_pconf, ap_lock_fname),
ap_my_pid);
rv = apr_proc_mutex_create(&accept_mutex, ap_lock_fname,
ap_accept_lock_mech, _pconf);
rv = ap_proc_mutex_create(&accept_mutex, ap_accept_mutex_type, NULL, s,
_pconf, 0);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
"Couldn't create accept lock");
mpm_state = AP_MPMQ_STOPPING;
return DONE;
}
#if APR_USE_SYSVSEM_SERIALIZE
if (ap_accept_lock_mech == APR_LOCK_DEFAULT ||
ap_accept_lock_mech == APR_LOCK_SYSVSEM) {
#else
if (ap_accept_lock_mech == APR_LOCK_SYSVSEM) {
#endif
rv = ap_unixd_set_proc_mutex_perms(accept_mutex);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
"Couldn't set permissions on cross-process lock; "
"check User and Group directives");
mpm_state = AP_MPMQ_STOPPING;
return DONE;
}
}
if (!is_graceful) {
if (ap_run_pre_mpm(s->process->pool, SB_SHARED) != OK) {
mpm_state = AP_MPMQ_STOPPING;
@@ -1766,7 +1746,7 @@ static int worker_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s)
ap_log_error(APLOG_MARK, APLOG_INFO, 0, ap_server_conf,
"Server built: %s", ap_get_server_built());
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
"AcceptMutex: %s (default: %s)",
"Accept mutex: %s (default: %s)",
apr_proc_mutex_name(accept_mutex),
apr_proc_mutex_defname());
restart_pending = shutdown_pending = 0;
@@ -1957,6 +1937,8 @@ static int worker_pre_config(apr_pool_t *pconf, apr_pool_t *plog,
foreground = ap_exists_config_define("FOREGROUND");
}
ap_mutex_register(pconf, ap_accept_mutex_type, NULL, APR_LOCK_DEFAULT, 0);
/* sigh, want this only the second time around */
retained = ap_retained_data_get(userdata_key);
if (!retained) {
@@ -1988,7 +1970,6 @@ static int worker_pre_config(apr_pool_t *pconf, apr_pool_t *plog,
threads_per_child = DEFAULT_THREADS_PER_CHILD;
max_clients = ap_daemons_limit * threads_per_child;
ap_pid_fname = DEFAULT_PIDLOG;
ap_lock_fname = DEFAULT_LOCKFILE;
ap_max_requests_per_child = DEFAULT_MAX_REQUESTS_PER_CHILD;
ap_extended_status = 0;
ap_max_mem_free = APR_ALLOCATOR_MAX_FREE_UNLIMITED;

43
server/mpm_common.c
View File

@@ -253,20 +253,6 @@ const char * ap_mpm_set_scoreboard(cmd_parms *cmd, void *dummy,
return NULL;
}
const char *ap_lock_fname = NULL;
const char *ap_mpm_set_lockfile(cmd_parms *cmd, void *dummy,
const char *arg)
{
const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
if (err != NULL) {
return err;
}
ap_lock_fname = arg;
return NULL;
}
int ap_max_requests_per_child = 0;
const char *ap_mpm_set_max_requests(cmd_parms *cmd, void *dummy,
@@ -327,35 +313,6 @@ const char * ap_mpm_set_graceful_shutdown(cmd_parms *cmd, void *dummy,
return NULL;
}
apr_lockmech_e ap_accept_lock_mech = APR_LOCK_DEFAULT;
const char *ap_mpm_set_accept_lock_mech(cmd_parms *cmd,
void *dummy,
const char *arg)
{
apr_status_t rv;
const char *lockfile;
const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
if (err != NULL) {
return err;
}
rv = ap_parse_mutex(arg, cmd->server->process->pool,
&ap_accept_lock_mech, &lockfile);
if ((rv == APR_ENOTIMPL) || (rv == APR_ENOLOCK)) {
return apr_pstrcat(cmd->pool, "Invalid AcceptMutex argument ", arg,
" (" AP_AVAILABLE_MUTEXES_STRING ")", NULL);
} else if (rv == APR_BADARG) {
return apr_pstrcat(cmd->pool, "Invalid AcceptMutex filepath ",
arg, NULL);
}
if (lockfile && !ap_lock_fname)
ap_lock_fname = lockfile;
return NULL;
}
apr_uint32_t ap_max_mem_free = APR_ALLOCATOR_MAX_FREE_UNLIMITED;
const char *ap_mpm_set_max_mem_free(cmd_parms *cmd, void *dummy,

341
server/util_mutex.c
View File

@@ -21,6 +21,7 @@
#include "apr.h"
#include "apr_hash.h"
#include "apr_strings.h"
#include "apr_lib.h"
@@ -31,7 +32,12 @@
#include "httpd.h"
#include "http_main.h"
#include "http_config.h"
#include "http_log.h"
#include "util_mutex.h"
#include "unixd.h"
#ifdef HAVE_UNISTD_H
#include <unistd.h> /* getpid() */
#endif
AP_DECLARE(apr_status_t) ap_parse_mutex(const char *arg, apr_pool_t *pool,
apr_lockmech_e *mutexmech,
@@ -47,16 +53,16 @@ AP_DECLARE(apr_status_t) ap_parse_mutex(const char *arg, apr_pool_t *pool,
}
}
if (!strcasecmp(meth, "none") || !strcasecmp(meth, "no")) {
return APR_ENOLOCK;
}
/* APR determines temporary filename unless overridden below,
* we presume file indicates an mutexfile is a file path
* unless the method sets mutexfile=file and NULLs file
*/
*mutexfile = NULL;
if (!strcasecmp(meth, "none") || !strcasecmp(meth, "no")) {
return APR_ENOLOCK;
}
/* NOTE: previously, 'yes' implied 'sem' */
if (!strcasecmp(meth, "default") || !strcasecmp(meth, "yes")) {
*mutexmech = APR_LOCK_DEFAULT;
@@ -112,3 +118,330 @@ AP_DECLARE(apr_status_t) ap_parse_mutex(const char *arg, apr_pool_t *pool,
return APR_SUCCESS;
}
typedef struct {
apr_int32_t options;
int set;
int none;
apr_lockmech_e mech;
const char *dir;
} mutex_cfg_t;
/* hash is created the first time a module calls ap_mutex_register(),
* rather than attempting to be the REALLY_REALLY_FIRST pre-config
* hook; it is cleaned up when the associated pool goes away; assume
* pconf is the pool passed to ap_mutex_register()
*/
static apr_hash_t *mxcfg_by_type;
static apr_status_t cleanup_mx_hash(void *dummy)
{
mxcfg_by_type = NULL;
return APR_SUCCESS;
}
static void mx_hash_init(apr_pool_t *p)
{
mutex_cfg_t *def;
if (mxcfg_by_type) {
return;
}
mxcfg_by_type = apr_hash_make(p);
apr_pool_cleanup_register(p, NULL, cleanup_mx_hash, apr_pool_cleanup_null);
/* initialize default mutex configuration */
def = apr_pcalloc(p, sizeof *def);
def->mech = APR_LOCK_DEFAULT;
def->dir = DEFAULT_REL_RUNTIMEDIR;
apr_hash_set(mxcfg_by_type, "default", APR_HASH_KEY_STRING, def);
}
AP_DECLARE(const char *) ap_set_mutex(cmd_parms *cmd, void *dummy,
const char *type, const char *mechdir)
{
apr_pool_t *p = cmd->pool;
apr_lockmech_e mech;
apr_status_t rv;
const char *mutexdir;
mutex_cfg_t *mxcfg = apr_hash_get(mxcfg_by_type, type,
APR_HASH_KEY_STRING);
const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
if (err != NULL) {
return err;
}
if (!mxcfg) {
return apr_psprintf(p, "Mutex type %s is not valid", type);
}
mxcfg->none = 0; /* in case that was the default */
rv = ap_parse_mutex(mechdir, p, &mech, &mutexdir);
if (rv == APR_ENOTIMPL) {
return apr_pstrcat(p, "Invalid Mutex argument ", mechdir,
" (" AP_ALL_AVAILABLE_MUTEXES_STRING ")", NULL);
}
else if (rv == APR_BADARG
|| (mutexdir && !ap_is_directory(p, mutexdir))) {
return apr_pstrcat(p, "Invalid Mutex directory in argument ",
mechdir, NULL);
}
mxcfg->set = 1;
if (rv == APR_ENOLOCK) { /* "none" */
if (!(mxcfg->options & AP_MUTEX_ALLOW_NONE)) {
return apr_psprintf(p,
"None is not allowed for mutex type %s",
type);
}
mxcfg->none = 1;
}
else {
mxcfg->mech = mech;
if (mutexdir) { /* retain mutex default if not configured */
mxcfg->dir = mutexdir;
}
}
return NULL;
}
AP_DECLARE(apr_status_t) ap_mutex_register(apr_pool_t *pconf,
const char *type,
const char *default_dir,
apr_lockmech_e default_mech,
apr_int32_t options)
{
mutex_cfg_t *mxcfg = apr_pcalloc(pconf, sizeof *mxcfg);
if ((options & ~(AP_MUTEX_ALLOW_NONE | AP_MUTEX_DEFAULT_NONE))) {
return APR_EINVAL;
}
mx_hash_init(pconf);
mxcfg->options = options;
if (options & AP_MUTEX_DEFAULT_NONE) {
mxcfg->none = 1;
}
mxcfg->dir = default_dir; /* usually NULL */
mxcfg->mech = default_mech; /* usually APR_LOCK_DEFAULT */
apr_hash_set(mxcfg_by_type, type, APR_HASH_KEY_STRING, mxcfg);
return APR_SUCCESS;
}
static int mutex_needs_file(apr_lockmech_e mech)
{
if (mech != APR_LOCK_FLOCK
&& mech != APR_LOCK_FCNTL
#if APR_USE_FLOCK_SERIALIZE || APR_USE_FCNTL_SERIALIZE
&& mech != APR_LOCK_DEFAULT
#endif
) {
return 0;
}
return 1;
}
static const char *get_mutex_filename(apr_pool_t *p, mutex_cfg_t *mxcfg,
const char *type,
const char *instance_id)
{
const char *pid_suffix = "";
if (!mutex_needs_file(mxcfg->mech)) {
return NULL;
}
#if HAVE_UNISTD_H
pid_suffix = apr_psprintf(p, ".%" APR_PID_T_FMT, getpid());
#endif
return ap_server_root_relative(p,
apr_pstrcat(p,
mxcfg->dir,
"/",
type,
instance_id ? "-" : "",
instance_id ? instance_id : "",
pid_suffix,
NULL));
}
static mutex_cfg_t *mxcfg_lookup(apr_pool_t *p, const char *type)
{
mutex_cfg_t *defcfg, *mxcfg, *newcfg;
defcfg = apr_hash_get(mxcfg_by_type, "default", APR_HASH_KEY_STRING);
/* MUST exist in table, or wasn't registered */
mxcfg = apr_hash_get(mxcfg_by_type, type, APR_HASH_KEY_STRING);
if (!mxcfg) {
return NULL;
}
/* order of precedence:
* 1. Mutex directive for this mutex
* 2. Mutex directive for "default"
* 3. Defaults for this mutex from ap_mutex_register()
* 4. Global defaults
*/
if (mxcfg->set) {
newcfg = mxcfg;
}
else if (defcfg->set) {
newcfg = defcfg;
}
else if (mxcfg->none || mxcfg->mech != APR_LOCK_DEFAULT) {
newcfg = mxcfg;
}
else {
newcfg = defcfg;
}
if (!newcfg->none && mutex_needs_file(newcfg->mech) && !newcfg->dir) {
/* a file-based mutex mechanism was configured, but
* without a mutex file directory; go back through
* the chain to find the directory, store in new
* mutex cfg structure
*/
newcfg = apr_pmemdup(p, newcfg, sizeof *newcfg);
/* !true if dir not already set: mxcfg->set && defcfg->dir */
if (defcfg->set && defcfg->dir) {
newcfg->dir = defcfg->dir;
}
else if (mxcfg->dir) {
newcfg->dir = mxcfg->dir;
}
else {
newcfg->dir = defcfg->dir;
}
}
return newcfg;
}
static void log_bad_create_options(server_rec *s, const char *type)
{
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
"Invalid options were specified when creating the %s mutex",
type);
}
static void log_unknown_type(server_rec *s, const char *type)
{
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
"Can't create mutex of unknown type %s", type);
}
static void log_create_failure(apr_status_t rv, server_rec *s, const char *type,
const char *fname)
{
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
"Couldn't create the %s mutex %s%s%s", type,
fname ? "(file " : "",
fname ? fname : "",
fname ? ")" : "");
}
static void log_perms_failure(apr_status_t rv, server_rec *s, const char *type)
{
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
"Couldn't set permissions on the %s mutex; "
"check User and Group directives",
type);
}
AP_DECLARE(apr_status_t) ap_global_mutex_create(apr_global_mutex_t **mutex,
const char *type,
const char *instance_id,
server_rec *s, apr_pool_t *p,
apr_int32_t options)
{
apr_status_t rv;
const char *fname;
mutex_cfg_t *mxcfg = mxcfg_lookup(p, type);
if (options) {
log_bad_create_options(s, type);
return APR_EINVAL;
}
if (!mxcfg) {
log_unknown_type(s, type);
return APR_EINVAL;
}
if (mxcfg->none) {
*mutex = NULL;
return APR_SUCCESS;
}
fname = get_mutex_filename(p, mxcfg, type, instance_id);
rv = apr_global_mutex_create(mutex, fname, mxcfg->mech, p);
if (rv != APR_SUCCESS) {
log_create_failure(rv, s, type, fname);
return rv;
}
#ifdef AP_NEED_SET_MUTEX_PERMS
rv = ap_unixd_set_global_mutex_perms(*mutex);
if (rv != APR_SUCCESS) {
log_perms_failure(rv, s, type);
return rv;
}
#endif
return APR_SUCCESS;
}
AP_DECLARE(apr_status_t) ap_proc_mutex_create(apr_proc_mutex_t **mutex,
const char *type,
const char *instance_id,
server_rec *s, apr_pool_t *p,
apr_int32_t options)
{
apr_status_t rv;
const char *fname;
mutex_cfg_t *mxcfg = mxcfg_lookup(p, type);
if (options) {
log_bad_create_options(s, type);
return APR_EINVAL;
}
if (!mxcfg) {
log_unknown_type(s, type);
return APR_EINVAL;
}
if (mxcfg->none) {
*mutex = NULL;
return APR_SUCCESS;
}
fname = get_mutex_filename(p, mxcfg, type, instance_id);
rv = apr_proc_mutex_create(mutex, fname, mxcfg->mech, p);
if (rv != APR_SUCCESS) {
log_create_failure(rv, s, type, fname);
return rv;
}
#ifdef AP_NEED_SET_MUTEX_PERMS
rv = ap_unixd_set_proc_mutex_perms(*mutex);
if (rv != APR_SUCCESS) {
log_perms_failure(rv, s, type);
return rv;
}
#endif
return APR_SUCCESS;
}

4
test/make_sni.sh
View File

@@ -209,8 +209,8 @@ SSLSessionCache none
# Note that this SSL configuration is far
# from complete - you propably will want
# to configure SSLMutex-es and SSLSession
# Caches at the very least.
# to configure SSLSession Caches at the
# very least.
<Directory />
Options None