www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-07 04:02:58 +03:00
Code Activity

Right now SSLMutex is bogus. It just uses APR_LOCK_DEFAULT no

Browse Source 
matter what. We now allow for the full range of APR mutex
locking mechanims to be used, while maintaining backwards
compatibility.

PR: 8122
Obtained from:
Submitted by:
Reviewed by:	William Rowe


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@98771 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Jim Jagielski
2003-02-23 17:12:43 +00:00
parent ee1225a25e
commit 694eb48bae
5 changed files with 125 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGES
View File

@@ -2,6 +2,11 @@ Changes with Apache 2.1.0-dev
[Remove entries to the current 2.0 section below, when backported]
*) Allow SSLMutex to select/use the full range of APR locking
mechanisms available to it. Also, fix the bug that SSLMutex uses
APR_LOCK_DEFAULT no matter what. PR 8122 [Jim Jagielski,
martin.t.kutschker@blackbox.net (Martin Kutschker)]
*) Return 413 if chunk-ext-header is too long rather than reading from
the truncated line. PR 15857. [Justin Erenkrantz]

29
modules/ssl/mod_ssl.c
View File

@@ -79,13 +79,36 @@
#define AP_END_CMD { NULL }
const char ssl_valid_ssl_mutex_string[] =
"Valid SSLMutex mechanisms are: `none', `default'"
#if APR_HAS_FLOCK_SERIALIZE
", `flock:/path/to/file'"
#endif
#if APR_HAS_FCNTL_SERIALIZE
", `fcntl:/path/to/file'"
#endif
#if APR_HAS_SYSVSEM_SERIALIZE && !defined(PERCHILD_MPM)
", `sysvsem'"
#endif
#if APR_HAS_POSIXSEM_SERIALIZE
", `posixsem'"
#endif
#if APR_HAS_PROC_PTHREAD_SERIALIZE
", `pthread'"
#endif
#if APR_HAS_FLOCK_SERIALIZE || APR_HAS_FCNTL_SERIALIZE
", `file:/path/to/file'"
#endif
#if (APR_HAS_SYSVSEM_SERIALIZE && !defined(PERCHILD_MPM)) || APR_HAS_POSIXSEM_SERIALIZE
", `sem'"
#endif
" ";
static const command_rec ssl_config_cmds[] = {
/*
* Global (main-server) context configuration directives
*/
SSL_CMD_SRV(Mutex, TAKE1,
"SSL lock for handling internal mutual exclusions "
"(`none', `file:/path/to/file')")
SSL_CMD_SRV(Mutex, TAKE1, ssl_valid_ssl_mutex_string)
SSL_CMD_SRV(PassPhraseDialog, TAKE1,
"SSL dialog mechanism for the pass phrase query "
"(`builtin', `|/path/to/pipe_program`, "

4
modules/ssl/mod_ssl.h
View File

@@ -420,6 +420,7 @@ typedef struct {
apr_rmm_t *pSessionCacheDataRMM;
apr_table_t *tSessionCacheDataTable;
ssl_mutexmode_t nMutexMode;
apr_lockmech_e nMutexMech;
const char *szMutexFile;
apr_global_mutex_t *pMutex;
apr_array_header_t *aRandSeed;
@@ -529,6 +530,9 @@ typedef struct {
/* API glue structures */
extern module AP_MODULE_DECLARE_DATA ssl_module;
/* "global" stuff */
extern const char ssl_valid_ssl_mutex_string[];
/* configuration handling */
SSLModConfigRec *ssl_config_global_create(server_rec *);
void ssl_config_global_fix(SSLModConfigRec *);

74
modules/ssl/ssl_engine_config.c
View File

@@ -99,6 +99,7 @@ SSLModConfigRec *ssl_config_global_create(server_rec *s)
mc->pSessionCacheDataRMM = NULL;
mc->tSessionCacheDataTable = NULL;
mc->nMutexMode = SSL_MUTEXMODE_UNSET;
mc->nMutexMech = APR_LOCK_DEFAULT;
mc->szMutexFile = NULL;
mc->pMutex = NULL;
mc->aRandSeed = apr_array_make(pool, 4,
@@ -383,6 +384,60 @@ const char *ssl_cmd_SSLMutex(cmd_parms *cmd,
if (strcEQ(arg, "none") || strcEQ(arg, "no")) {
mc->nMutexMode = SSL_MUTEXMODE_NONE;
}
/* NOTE: previously, 'yes' implied 'sem' */
else if (strcEQ(arg, "default") || strcEQ(arg, "yes")) {
mc->nMutexMode = SSL_MUTEXMODE_USED;
mc->nMutexMech = APR_LOCK_DEFAULT;
mc->szMutexFile = NULL; /* APR determines temporary filename */
}
#if APR_HAS_FLOCK_SERIALIZE
else if (strlen(arg) > 6 && strcEQn(arg, "flock:", 6)) {
const char *file = ap_server_root_relative(cmd->pool, arg+6);
if (!file) {
return apr_pstrcat(cmd->pool, "Invalid SSLMutex flock: path ",
arg+6, NULL);
}
mc->nMutexMode = SSL_MUTEXMODE_USED;
mc->nMutexMech = APR_LOCK_FLOCK;
mc->szMutexFile = apr_psprintf(mc->pPool, "%s.%lu",
file, (unsigned long)getpid());
}
#endif
#if APR_HAS_FCNTL_SERIALIZE
else if (strlen(arg) > 6 && strcEQn(arg, "fcntl:", 6)) {
const char *file = ap_server_root_relative(cmd->pool, arg+6);
if (!file) {
return apr_pstrcat(cmd->pool, "Invalid SSLMutex fcntl: path ",
arg+6, NULL);
}
mc->nMutexMode = SSL_MUTEXMODE_USED;
mc->nMutexMech = APR_LOCK_FCNTL;
mc->szMutexFile = apr_psprintf(mc->pPool, "%s.%lu",
file, (unsigned long)getpid());
}
#endif
#if APR_HAS_SYSVSEM_SERIALIZE && !defined(PERCHILD_MPM)
else if (strcEQ(arg, "sysvsem")) {
mc->nMutexMode = SSL_MUTEXMODE_USED;
mc->nMutexMech = APR_LOCK_SYSVSEM;
mc->szMutexFile = NULL; /* APR determines temporary filename */
}
#endif
#if APR_HAS_POSIXSEM_SERIALIZE
else if (strcEQ(arg, "posixsem")) {
mc->nMutexMode = SSL_MUTEXMODE_USED;
mc->nMutexMech = APR_LOCK_POSIXSEM;
mc->szMutexFile = NULL; /* APR determines temporary filename */
}
#endif
#if APR_HAS_PROC_PTHREAD_SERIALIZE
else if (strcEQ(arg, "pthread")) {
mc->nMutexMode = SSL_MUTEXMODE_USED;
mc->nMutexMech = APR_LOCK_PROC_PTHREAD;
mc->szMutexFile = NULL; /* APR determines temporary filename */
}
#endif
#if APR_HAS_FLOCK_SERIALIZE || APR_HAS_FCNTL_SERIALIZE
else if (strlen(arg) > 5 && strcEQn(arg, "file:", 5)) {
const char *file = ap_server_root_relative(cmd->pool, arg+5);
if (!file) {
@@ -390,17 +445,32 @@ const char *ssl_cmd_SSLMutex(cmd_parms *cmd,
arg+5, NULL);
}
mc->nMutexMode = SSL_MUTEXMODE_USED;
#if APR_HAS_FLOCK_SERIALIZE
mc->nMutexMech = APR_LOCK_FLOCK;
#endif
#if APR_HAS_FCNTL_SERIALIZE
mc->nMutexMech = APR_LOCK_FCNTL;
#endif
mc->szMutexFile =
apr_psprintf(mc->pPool, "%s.%lu",
file, (unsigned long)getpid());
}
else if (strcEQ(arg, "sem") || strcEQ(arg, "yes")) {
#endif
#if (APR_HAS_SYSVSEM_SERIALIZE && !defined(PERCHILD_MPM)) || APR_HAS_POSIXSEM_SERIALIZE
else if (strcEQ(arg, "sem")) {
mc->nMutexMode = SSL_MUTEXMODE_USED;
#if APR_HAS_SYSVSEM_SERIALIZE && !defined(PERCHILD_MPM)
mc->nMutexMech = APR_LOCK_SYSVSEM;
#endif
#if APR_HAS_POSIXSEM_SERIALIZE
mc->nMutexMech = APR_LOCK_POSIXSEM;
#endif
mc->szMutexFile = NULL; /* APR determines temporary filename */
}
#endif
else {
return apr_pstrcat(cmd->pool, "Invalid SSLMutex argument ",
arg, NULL);
arg, " (", ssl_valid_ssl_mutex_string, ")", NULL);
}
return NULL;

23
modules/ssl/ssl_engine_mutex.c
View File

@@ -75,9 +75,13 @@ int ssl_mutex_init(server_rec *s, apr_pool_t *p)
if ((rv = apr_global_mutex_create(&mc->pMutex, mc->szMutexFile,
APR_LOCK_DEFAULT, p)) != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
"Cannot create SSLMutex file `%s'",
mc->szMutexFile);
if (mc->szMutexFile)
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
"Cannot create SSLMutex with file `%s'",
mc->szMutexFile);
else
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
"Cannot create SSLMutex");
return FALSE;
}
@@ -96,13 +100,22 @@ int ssl_mutex_init(server_rec *s, apr_pool_t *p)
int ssl_mutex_reinit(server_rec *s, apr_pool_t *p)
{
SSLModConfigRec *mc = myModConfig(s);
apr_status_t rv;
if (mc->nMutexMode == SSL_MUTEXMODE_NONE)
return TRUE;
if (apr_global_mutex_child_init(&mc->pMutex,
mc->szMutexFile, p) != APR_SUCCESS)
if ((rv = apr_global_mutex_child_init(&mc->pMutex,
mc->szMutexFile, p)) != APR_SUCCESS) {
if (mc->szMutexFile)
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
"Cannot reinit SSLMutex with file `%s'",
mc->szMutexFile);
else
ap_log_error(APLOG_MARK, APLOG_WARNING, rv, s,
"Cannot reinit SSLMutex");
return FALSE;
}
return TRUE;
}