www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-05 16:55:50 +03:00
Code Activity

Catch up ssl to socache store expiry change, and clarify what the code is doing

Browse Source 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@907918 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
William A. Rowe Jr
2010-02-09 03:44:04 +00:00
parent 3cc4b9db61
commit dcac7e0552
4 changed files with 12 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
modules/ssl/ssl_engine_kernel.c
View File

@@ -1812,9 +1812,10 @@ int ssl_callback_NewSessionCacheEntry(SSL *ssl, SSL_SESSION *session)
id = SSL_SESSION_get_session_id(session); id = SSL_SESSION_get_session_id(session);
idlen = SSL_SESSION_get_session_id_length(session); idlen = SSL_SESSION_get_session_id_length(session);
timeout += modssl_session_get_time(session); rc = ssl_scache_store(s, id, idlen,
apr_time_from_sec(modssl_session_get_time(session)
rc = ssl_scache_store(s, id, idlen, timeout, session, conn->pool); + timeout),
session, conn->pool);
ssl_session_log(s, "SET", id, idlen, ssl_session_log(s, "SET", id, idlen,
rc == TRUE ? "OK" : "BAD", rc == TRUE ? "OK" : "BAD",

2
modules/ssl/ssl_private.h
View File

@@ -642,7 +642,7 @@ void ssl_scache_init(server_rec *, apr_pool_t *);
void ssl_scache_status_register(apr_pool_t *p); void ssl_scache_status_register(apr_pool_t *p);
void ssl_scache_kill(server_rec *); void ssl_scache_kill(server_rec *);
BOOL ssl_scache_store(server_rec *, UCHAR *, int, BOOL ssl_scache_store(server_rec *, UCHAR *, int,
time_t, SSL_SESSION *, apr_pool_t *); apr_time_t, SSL_SESSION *, apr_pool_t *);
SSL_SESSION *ssl_scache_retrieve(server_rec *, UCHAR *, int, apr_pool_t *); SSL_SESSION *ssl_scache_retrieve(server_rec *, UCHAR *, int, apr_pool_t *);
void ssl_scache_remove(server_rec *, UCHAR *, int, void ssl_scache_remove(server_rec *, UCHAR *, int,
apr_pool_t *); apr_pool_t *);

2
modules/ssl/ssl_scache.c
View File

@@ -113,7 +113,7 @@ void ssl_scache_kill(server_rec *s)
} }
BOOL ssl_scache_store(server_rec *s, UCHAR *id, int idlen, BOOL ssl_scache_store(server_rec *s, UCHAR *id, int idlen,
time_t expiry, SSL_SESSION *sess, apr_time_t expiry, SSL_SESSION *sess,
apr_pool_t *p) apr_pool_t *p)
{ {
SSLModConfigRec *mc = myModConfig(s); SSLModConfigRec *mc = myModConfig(s);

12
modules/ssl/ssl_util_stapling.c
View File

@@ -184,7 +184,7 @@ static BOOL stapling_cache_response(server_rec *s, modssl_ctx_t *mctx,
unsigned char *p; unsigned char *p;
int resp_derlen; int resp_derlen;
BOOL rv; BOOL rv;
time_t timeout; apr_time_t expiry;
resp_derlen = i2d_OCSP_RESPONSE(rsp, NULL) + 1; resp_derlen = i2d_OCSP_RESPONSE(rsp, NULL) + 1;
@@ -200,25 +200,25 @@ static BOOL stapling_cache_response(server_rec *s, modssl_ctx_t *mctx,
return FALSE; return FALSE;
} }
p = resp_der; p = resp_der;
/* TODO: potential optimization; _timeout members as apr_interval_time_t */
if (ok == TRUE) { if (ok == TRUE) {
*p++ = 1; *p++ = 1;
timeout = mctx->stapling_cache_timeout; expiry = apr_time_from_sec(mctx->stapling_cache_timeout);
} }
else { else {
*p++ = 0; *p++ = 0;
timeout = mctx->stapling_errcache_timeout; expiry = apr_time_from_sec(mctx->stapling_errcache_timeout);
} }
timeout += apr_time_sec(apr_time_now()); expiry += apr_time_now();
i2d_OCSP_RESPONSE(rsp, &p); i2d_OCSP_RESPONSE(rsp, &p);
rv = mc->stapling_cache->store(mc->stapling_cache_context, s, rv = mc->stapling_cache->store(mc->stapling_cache_context, s,
cinf->idx, sizeof(cinf->idx), cinf->idx, sizeof(cinf->idx),
timeout, resp_der, resp_derlen, pool); expiry, resp_der, resp_derlen, pool);
if (rv != APR_SUCCESS) { if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
"stapling_cache_response: OCSP response session store error!"); "stapling_cache_response: OCSP response session store error!");