Axe out SSL_USE_SDBM stuff, i.e., get rid of the local SDBM copy and use

 o The complete EAPI-based SSL_VENDOR stuff was removed.

 o The complete EAPI-based SSL_COMPAT stuff was removed.

 MAJOR CHANGES 

 The following major changes were made between mod_ssl 2.x

 from Apache 1.3 and this mod_ssl version for Apache 2.0:

 o The DBM based session cache is now based on APR's DBM API only.

#ifndef WIN32

#define SSL_DBM_FILE_MODE ( S_IRUSR|S_IWUSR )

#else

#define SSL_USE_SDBM

#define SSL_DBM_FILE_MODE ( _S_IREAD|_S_IWRITE )

#endif

#ifdef SSL_USE_SDBM

#include "ssl_util_sdbm.h"

#define ssl_dbm_open     sdbm_open

#define ssl_dbm_close    sdbm_close

#define ssl_dbm_store    sdbm_store

#define ssl_dbm_fetch    sdbm_fetch

#define ssl_dbm_delete   sdbm_delete

#define ssl_dbm_firstkey sdbm_firstkey

#define ssl_dbm_nextkey  sdbm_nextkey

#define SSL_DBM_FILE_SUFFIX_DIR ".dir"

#define SSL_DBM_FILE_SUFFIX_PAG ".pag"

#else /* !SSL_USE_SDBM */

#if defined(__GLIBC__) && defined(__GLIBC_MINOR__) \

    && __GLIBC__ >= 2 && __GLIBC_MINOR__ >= 1

#include <db1/ndbm.h>

#else

#include <ndbm.h>

#endif

#define ssl_dbm_open     dbm_open

#define ssl_dbm_close    dbm_close

#define ssl_dbm_store    dbm_store

#define ssl_dbm_fetch    dbm_fetch

#define ssl_dbm_delete   dbm_delete

#define ssl_dbm_firstkey dbm_firstkey

#define ssl_dbm_nextkey  dbm_nextkey

#if !defined(SSL_DBM_FILE_SUFFIX_DIR) && !defined(SSL_DBM_FILE_SUFFIX_PAG)

#if defined(DBM_SUFFIX)

#define SSL_DBM_FILE_SUFFIX_DIR DBM_SUFFIX

#define SSL_DBM_FILE_SUFFIX_PAG ".pag"

#endif

#endif

#endif /* !SSL_USE_SDBM */

/*

 * Check for OpenSSL version 

void ssl_scache_dbm_init(server_rec *s, pool *p)

{

    SSLModConfigRec *mc = myModConfig();

    DBM *dbm;

    apr_dbm_t *dbm;

    /* for the DBM we need the data file */

    if (mc->szSessionCacheDataFile == NULL) {

    /* open it once to create it and to make sure it _can_ be created */

    ssl_mutex_on(s);

    if ((dbm = ssl_dbm_open(mc->szSessionCacheDataFile,

    if ((dbm = apr_dbm_open(mc->szSessionCacheDataFile,

                            O_RDWR|O_CREAT, SSL_DBM_FILE_MODE)) == NULL) {

        ssl_log(s, SSL_LOG_ERROR|SSL_ADD_ERRNO,

                "Cannot create SSLSessionCache DBM file `%s'",

        ssl_mutex_off(s);

        return;

    }

    ssl_dbm_close(dbm);

    apr_dbm_close(dbm);

#if !defined(OS2) && !defined(WIN32)

    /*

BOOL ssl_scache_dbm_store(server_rec *s, UCHAR *id, int idlen, time_t expiry, SSL_SESSION *sess)

{

    SSLModConfigRec *mc = myModConfig();

    DBM *dbm;

    datum dbmkey;

    datum dbmval;

    apr_dbm_t *dbm;

    apr_datum_t dbmkey;

    apr_datum_t dbmval;

    UCHAR ucaData[SSL_SESSION_MAX_DER];

    int nData;

    UCHAR *ucp;

    nData = i2d_SSL_SESSION(sess, &ucp);

    /* be careful: do not try to store too much bytes in a DBM file! */

#ifdef SSL_USE_SDBM

#ifdef PAIRMAX

    if ((idlen + nData) >= PAIRMAX)

        return FALSE;

#else

    /* and store it to the DBM file */

    ssl_mutex_on(s);

    if ((dbm = ssl_dbm_open(mc->szSessionCacheDataFile,

    if ((dbm = apr_dbm_open(mc->szSessionCacheDataFile,

                            O_RDWR, SSL_DBM_FILE_MODE)) == NULL) {

        ssl_log(s, SSL_LOG_ERROR|SSL_ADD_ERRNO,

                "Cannot open SSLSessionCache DBM file `%s' for writing (store)",

        free(dbmval.dptr);

        return FALSE;

    }

    if (ssl_dbm_store(dbm, dbmkey, dbmval, DBM_INSERT) < 0) {

    if (apr_dbm_store(dbm, dbmkey, dbmval, DBM_INSERT) < 0) {

        ssl_log(s, SSL_LOG_ERROR|SSL_ADD_ERRNO,

                "Cannot store SSL session to DBM file `%s'",

                mc->szSessionCacheDataFile);

        ssl_dbm_close(dbm);

        apr_dbm_close(dbm);

        ssl_mutex_off(s);

        free(dbmval.dptr);

        return FALSE;

    }

    ssl_dbm_close(dbm);

    apr_dbm_close(dbm);

    ssl_mutex_off(s);

    /* free temporary buffers */

SSL_SESSION *ssl_scache_dbm_retrieve(server_rec *s, UCHAR *id, int idlen)

{

    SSLModConfigRec *mc = myModConfig();

    DBM *dbm;

    datum dbmkey;

    datum dbmval;

    apr_dbm_t *dbm;

    apr_datum_t dbmkey;

    apr_datum_t dbmval;

    SSL_SESSION *sess = NULL;

    UCHAR *ucpData;

    int nData;

    /* and fetch it from the DBM file */

    ssl_mutex_on(s);

    if ((dbm = ssl_dbm_open(mc->szSessionCacheDataFile,

    if ((dbm = apr_dbm_open(mc->szSessionCacheDataFile,

                            O_RDONLY, SSL_DBM_FILE_MODE)) == NULL) {

        ssl_log(s, SSL_LOG_ERROR|SSL_ADD_ERRNO,

                "Cannot open SSLSessionCache DBM file `%s' for reading (fetch)",

        ssl_mutex_off(s);

        return NULL;

    }

    dbmval = ssl_dbm_fetch(dbm, dbmkey);

    ssl_dbm_close(dbm);

    dbmval = apr_dbm_fetch(dbm, dbmkey);

    apr_dbm_close(dbm);

    ssl_mutex_off(s);

    /* immediately return if not found */

void ssl_scache_dbm_remove(server_rec *s, UCHAR *id, int idlen)

{

    SSLModConfigRec *mc = myModConfig();

    DBM *dbm;

    datum dbmkey;

    apr_dbm_t *dbm;

    apr_datum_t dbmkey;

    /* create DBM key and values */

    dbmkey.dptr  = (char *)id;

    /* and delete it from the DBM file */

    ssl_mutex_on(s);

    if ((dbm = ssl_dbm_open(mc->szSessionCacheDataFile,

    if ((dbm = apr_dbm_open(mc->szSessionCacheDataFile,

                            O_RDWR, SSL_DBM_FILE_MODE)) == NULL) {

        ssl_log(s, SSL_LOG_ERROR|SSL_ADD_ERRNO,

                "Cannot open SSLSessionCache DBM file `%s' for writing (delete)",

        ssl_mutex_off(s);

        return;

    }

    ssl_dbm_delete(dbm, dbmkey);

    ssl_dbm_close(dbm);

    apr_dbm_delete(dbm, dbmkey);

    apr_dbm_close(dbm);

    ssl_mutex_off(s);

    return;

    SSLModConfigRec *mc = myModConfig();

    SSLSrvConfigRec *sc = mySrvConfig(s);

    static time_t tLast = 0;

    DBM *dbm;

    datum dbmkey;

    datum dbmval;

    apr_dbm_t *dbm;

    apr_datum_t dbmkey;

    apr_datum_t dbmval;

    pool *p;

    time_t tExpiresAt;

    int nElements = 0;

    int nDeleted = 0;

    int bDelete;

    datum *keylist;

    apr_datum_t *keylist;

    int keyidx;

    int i;

    time_t tNow;

        /* pass 1: scan DBM database */

        keyidx = 0;

        if ((dbm = ssl_dbm_open(mc->szSessionCacheDataFile,

        if ((dbm = apr_dbm_open(mc->szSessionCacheDataFile,

                                O_RDWR, SSL_DBM_FILE_MODE)) == NULL) {

            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_ERRNO,

                    "Cannot open SSLSessionCache DBM file `%s' for scanning",

            ap_destroy_pool(p);

            break;

        }

        dbmkey = ssl_dbm_firstkey(dbm);

        dbmkey = apr_dbm_firstkey(dbm);

        while (dbmkey.dptr != NULL) {

            nElements++;

            bDelete = FALSE;

            dbmval = ssl_dbm_fetch(dbm, dbmkey);

            dbmval = apr_dbm_fetch(dbm, dbmkey);

            if (dbmval.dsize <= sizeof(time_t) || dbmval.dptr == NULL)

                bDelete = TRUE;

            else {

                        break;

                }

            }

            dbmkey = ssl_dbm_nextkey(dbm);

            dbmkey = apr_dbm_nextkey(dbm);

        }

        ssl_dbm_close(dbm);

        apr_dbm_close(dbm);

        /* pass 2: delete expired elements */

        if ((dbm = ssl_dbm_open(mc->szSessionCacheDataFile,

        if ((dbm = apr_dbm_open(mc->szSessionCacheDataFile,

                                O_RDWR, SSL_DBM_FILE_MODE)) == NULL) {

            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_ERRNO,

                    "Cannot re-open SSLSessionCache DBM file `%s' for expiring",

            break;

        }

        for (i = 0; i < keyidx; i++) {

            ssl_dbm_delete(dbm, keylist[i]);

            apr_dbm_delete(dbm, keylist[i]);

            nDeleted++;

        }

        ssl_dbm_close(dbm);

        apr_dbm_close(dbm);

        /* destroy temporary pool */

        ap_destroy_pool(p);

void ssl_scache_dbm_status(server_rec *s, pool *p, void (*func)(char *, void *), void *arg)

{

    SSLModConfigRec *mc = myModConfig();

    DBM *dbm;

    datum dbmkey;

    datum dbmval;

    apr_dbm_t *dbm;

    apr_datum_t dbmkey;

    apr_datum_t dbmval;

    int nElem;

    int nSize;

    int nAverage;

    nElem = 0;

    nSize = 0;

    ssl_mutex_on(s);

    if ((dbm = ssl_dbm_open(mc->szSessionCacheDataFile,

    if ((dbm = apr_dbm_open(mc->szSessionCacheDataFile,

                            O_RDONLY, SSL_DBM_FILE_MODE)) == NULL) {

        ssl_log(s, SSL_LOG_ERROR|SSL_ADD_ERRNO,

                "Cannot open SSLSessionCache DBM file `%s' for status retrival",

        ssl_mutex_off(s);

        return;

    }

    dbmkey = ssl_dbm_firstkey(dbm);

    for ( ; dbmkey.dptr != NULL; dbmkey = ssl_dbm_nextkey(dbm)) {

        dbmval = ssl_dbm_fetch(dbm, dbmkey);

    dbmkey = apr_dbm_firstkey(dbm);

    for ( ; dbmkey.dptr != NULL; dbmkey = apr_dbm_nextkey(dbm)) {

        dbmval = apr_dbm_fetch(dbm, dbmkey);

        if (dbmval.dptr == NULL)

            continue;

        nElem += 1;

        nSize += dbmval.dsize;

    }

    ssl_dbm_close(dbm);

    apr_dbm_close(dbm);

    ssl_mutex_off(s);

    if (nSize > 0 && nElem > 0)

        nAverage = nSize / nElem;

/*                      _             _

**  _ __ ___   ___   __| |    ___ ___| |  mod_ssl

** | '_ ` _ \ / _ \ / _` |   / __/ __| |  Apache Interface to OpenSSL

** | | | | | | (_) | (_| |   \__ \__ \ |  www.modssl.org

** |_| |_| |_|\___/ \__,_|___|___/___/_|  ftp.modssl.org

**                      |_____|

**  ssl_util_sdbm.c

**  Built-in Simple DBM (Header)

*/

/* ====================================================================

 * The Apache Software License, Version 1.1

 *

 * Copyright (c) 2000-2001 The Apache Software Foundation.  All rights

 * reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * are met:

 *

 * 1. Redistributions of source code must retain the above copyright

 *    notice, this list of conditions and the following disclaimer.

 *

 * 2. Redistributions in binary form must reproduce the above copyright

 *    notice, this list of conditions and the following disclaimer in

 *    the documentation and/or other materials provided with the

 *    distribution.

 *

 * 3. The end-user documentation included with the redistribution,

 *    if any, must include the following acknowledgment:

 *       "This product includes software developed by the

 *        Apache Software Foundation (http://www.apache.org/)."

 *    Alternately, this acknowledgment may appear in the software itself,

 *    if and wherever such third-party acknowledgments normally appear.

 *

 * 4. The names "Apache" and "Apache Software Foundation" must

 *    not be used to endorse or promote products derived from this

 *    software without prior written permission. For written

 *    permission, please contact apache@apache.org.

 *

 * 5. Products derived from this software may not be called "Apache",

 *    nor may "Apache" appear in their name, without prior written

 *    permission of the Apache Software Foundation.

 *

 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED

 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES

 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE

 * DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR

 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT

 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF

 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND

 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,

 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT

 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

 * SUCH DAMAGE.

 * ====================================================================

 */

/*

 * sdbm - ndbm work-alike hashed database library

 * based on Per-Ake Larson's Dynamic Hashing algorithms. BIT 18 (1978).

 * author: oz@nexus.yorku.ca

 * status: public domain.

 */

#ifndef SSL_UTIL_SDBM_H

#define SSL_UTIL_SDBM_H

#if 0 /* XXX */

#define DUFF    /* go ahead and use the loop-unrolled version */

#include <stdio.h>

#ifdef MOD_SSL

#define DBLKSIZ 16384                   /* SSL cert chains require more */

#define PBLKSIZ 8192                    /* SSL cert chains require more */

#define PAIRMAX 8008                    /* arbitrary on PBLKSIZ-N */

#else

#define DBLKSIZ 4096

#define PBLKSIZ 1024

#define PAIRMAX 1008                    /* arbitrary on PBLKSIZ-N */

#endif

#define SPLTMAX 10                      /* maximum allowed splits */

                                        /* for a single insertion */

#define DIRFEXT ".dir"

#define PAGFEXT ".pag"

typedef struct {

        int dirf;                      /* directory file descriptor */

        int pagf;                      /* page file descriptor */

        int flags;                     /* status/error flags, see below */

        long maxbno;                   /* size of dirfile in bits */

        long curbit;                   /* current bit number */

        long hmask;                    /* current hash mask */

        long blkptr;                   /* current block for nextkey */

        int keyptr;                    /* current key for nextkey */

        long blkno;                    /* current page to read/write */

        long pagbno;                   /* current page in pagbuf */

        char pagbuf[PBLKSIZ];          /* page file block buffer */

        long dirbno;                   /* current block in dirbuf */

        char dirbuf[DBLKSIZ];          /* directory file block buffer */

} DBM;

#define DBM_RDONLY      0x1            /* data base open read-only */

#define DBM_IOERR       0x2            /* data base I/O error */

/*

 * utility macros

 */

#define sdbm_rdonly(db)         ((db)->flags & DBM_RDONLY)

#define sdbm_error(db)          ((db)->flags & DBM_IOERR)

#define sdbm_clearerr(db)       ((db)->flags &= ~DBM_IOERR)  /* ouch */

#define sdbm_dirfno(db) ((db)->dirf)

#define sdbm_pagfno(db) ((db)->pagf)

typedef struct {

        char *dptr;

        int dsize;

} datum;

extern datum nullitem;

#ifdef __STDC__

#define proto(p) p

#else

#define proto(p) ()

#endif

/*

 * flags to sdbm_store

 */

#define DBM_INSERT      0

#define DBM_REPLACE     1

/*

 * ndbm interface

 */

extern DBM *sdbm_open proto((char *, int, int));

extern void sdbm_close proto((DBM *));

extern datum sdbm_fetch proto((DBM *, datum));

extern int sdbm_delete proto((DBM *, datum));

extern int sdbm_store proto((DBM *, datum, datum, int));

extern datum sdbm_firstkey proto((DBM *));

extern datum sdbm_nextkey proto((DBM *));

/*

 * other

 */

extern DBM *sdbm_prep proto((char *, char *, int, int));

extern long sdbm_hash proto((char *, int));

/* pair.h */

extern int fitpair proto((char *, int));

extern void  putpair proto((char *, datum, datum));

extern datum    getpair proto((char *, datum));

extern int  delpair proto((char *, datum));

extern int  chkpage proto((char *));

extern datum getnkey proto((char *, int));

extern void splpage proto((char *, char *, long));

extern int duppair proto((char *, datum));

/* tune.h */

/*

 * sdbm - ndbm work-alike hashed database library

 * tuning and portability constructs [not nearly enough]

 * author: oz@nexus.yorku.ca

 */

#define BYTESIZ         8

/*

 * important tuning parms (hah)

 */

#define SEEDUPS                 /* always detect duplicates */

#define BADMESS                 /* generate a message for worst case:

                                   cannot make room after SPLTMAX splits */

/*

 * misc

 */

#ifdef DEBUG

#define debug(x)        printf x

#else

#define debug(x)

#endif

#endif /* XXX */

#endif /* SSL_UTIL_SDBM_H */