- Feb 25, 2008
-
-
Joe Orton authored
Use the ap_provider interface for session cache storage providers. * modules/ssl/mod_ssl.c (modssl_register_scache): New function. (ssl_register_hooks): Call it. * modules/ssl/ssl_private.h: Define MODSSL_SESSCACHE_PROVIDER_GROUP and MODSSL_SESSCACHE_PROVIDER_VERSION constants. Remove ssl_scmode_t type. Change nSessionCacheMode in SSLModConfigRec into a long sesscache_mode, storing the OpenSSL SSL_SESS_CACHE_* flags directly. * modules/ssl/ssl_engine_config.c (ssl_config_global_create): Set sesscache_mode to SSL_SESS_CACHE_OFF by default. (ssl_cmd_SSLSessionCache): Remove ifdef spaghetti; fetch configured session cache by provider name. Set mc->sesscache_mode for configured providers. * modules/ssl/ssl_engine_init.c (ssl_init_ctx_session_cache): Use the configured mode flags directly from mc->sesscache_mode. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@631000 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
r630974; create the subpool. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630990 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
Move provider-specific configuration handling down into the provider code. Eliminate all use of SSLModConfigRec within provider code. * modules/ssl/ssl_private.h (modssl_sesscache_provider): Add 'create' function which creates and configures the cache provider, before initialisation. Change 'init' function to take the context pointer as an input parameter, and reorder to be first. * modules/ssl/ssl_scache.c (ssl_scache_init): Adjust accordingly. * modules/ssl/ssl_scache_memcache.c (struct context): Add servers field. (ssl_scache_mc_create): New function. (ssl_scache_mc_init): Use servers from context not SSLModConfigRec. * modules/ssl/ssl_scache_dbm.c (struct context): Define. (ssl_scache_dbm_create): New function. (ssl_scache_dbm_init, ssl_scache_dbm_kill): Adjust to use filename and pool from context. (ssl_scache_dbm_store, ssl_scache_dbm_retrieve, ssl_scache_dbm_status): Use filename from context. Use context pool for temp storage of the DBM object, and clear before use. (ssl_scache_dbm_expire): Remove static tLast; use last_expiry from context. Use context pool for temp storage and clear before use. * modules/ssl/ssl_scache_dc.c (struct context): Add target field. (ssl_scache_dc_init, ssl_scache_dc_status): Use target from context. * modules/ssl/ssl_scache_shmcb.c (struct context): Add data_file, shm_size fields. (ssl_scache_shmcb_create): New function; moved argument parsing logic from ssl_cmd_SSLSessionCache (ssl_scache_shmcb_init, ssl_scache_shmcb_status): Use config from context. * modules/ssl/ssl_engine_config.c (ssl_config_global_create): Remove handling of old provider-specific fields. (ssl_cmd_SSLSessionCache): Call provider ->create function to parse the argument and create provider-specific context structure. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630974 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
value of sk_X509_NAME_set_cmp_func to void, to avoid warnings with recent version of OpenSSL. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630858 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
code and update the comment. No functional change. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630805 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
modssl_sesscache_provider objects. Found by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630795 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
on success. * modules/ssl/ssl_scache_dc.c (ssl_scache_dc_retrieve): Likewise. Found by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630787 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
shmcbc_subcache_remove): Restore check for idx->removed flag. Found by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630786 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 23, 2008
-
-
Guenter Knauf authored
Submitted by Kaspar Brand. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630436 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 22, 2008
-
-
Ruediger Pluem authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630350 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
- Fix the same race condition in event MPM. - Slightly optimize code in worker MPM by removing the need for an additional dereference operation. - Do some word smithing on the CHANGES entry. PR: 44402 Submitted by: Basant Kumar Kukreja <basant.kukreja sun.com> Reviewed by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630348 13f79535-47bb-0310-9956-ffa450edef68
-
Nick Kew authored
PR44402: reported and fixed by Basant Kumar Kukreja git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630335 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
Move provider-private context out of SSLModConfigRec and into an opaque context pointer. Use real error propagation in the ->init functions rather than ssl_die(). * modules/ssl/ssl_private.h (modssl_sesscache_provider): Take a context out-parameter from ->init, and return an apr_status_t. Add context pointer as first arg for the other function types. (SSLModConfigRec): Remove tSessionCacheData* fields; add sesscache_context field. * modules/ssl/ssl_scache.c (ssl_scache_init): Move once-per-process invocation check back into here. (ssl_scache_*): Adjust to use context pointer. * modules/ssl/ssl_scache_shmcb.c, modules/ssl/ssl_scache_dc.c, modules/ssl/ssl_scache_dbm.c: Adjust all implementations to use opaque context pointer. * modules/ssl/ssl_scache_memcache.c: Move memcache context into the context structure rather than using global state. * modules/ssl/ssl_engine_config.c: Remove handling of pSessionCacheData* fields in SSLModConfigRec. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630323 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
storage providers; includes a significant change to the shmcb storage structure: * modules/ssl/ssl_private.h (modssl_sesscache_provider): Change retrieve function to take dest/destlen output buffer, to take a constant id paramater, and to return a BOOL. * modules/ssl/ssl_scache.c (ssl_scache_retrieve): Update accordingly, perform SSL deserialization here. * modules/ssl/ssl_scache_dc.c (ssl_scache_dc_retrieve), modules/ssl/ssl_scache_dbm.c (ssl_scache_dbm_retrieve), modules/ssl/ssl_scache_memcache.c (ssl_scache_mc_retrieve): Update accordingly. * modules/ssl/ssl_scache_shmcb.c: Store the whole ID in the cache before the data, so that each index can be compared against the requested ID without deserializing the data. This requires approx 20% extra storage per session in the common case, though should reduce CPU overhead in some retrieval paths. (SHMCBIndex): Replace s_id2 field with id_len. (shmcb_cyclic_memcmp): New function. (ssl_scache_shmcb_init): Change the heuristics to allow for increase in per-session storage requirement. (ssl_scache_shmcb_retrieve): Drop requirement on ID length. (shmcb_subcache_store): Store the ID in the cyclic buffer. (shmcb_subcache_retrieve, shmcb_subcache_remove): Compare against the stored ID rather than deserializing the data. (ssl_scache_shmcb_retrieve, ssl_scache_shmcb_store): Update accordingly. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630307 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630289 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
used by shmcb (hopefully :), before some invasive surgery. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630228 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
storage providers: * modules/ssl/ssl_private.h (modssl_sesscache_provider): Change 'store' interface to take a data/length pair rather than an SSL_SESSION pointer. * modules/ssl/ssl_scache.c (ssl_scache_store): Serialize the SSL session here and pass down the raw DER. * modules/ssl/ssl_scache_dc.c, modules/ssl_scache_mc.c, modules/ssl_scache_shmcb.c, modules/ssl_scache_dbm.c: Adjust ->store implementations accordingly, removing the four sets of identical code doing the i2d dance. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630168 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
step towards use of the ap_provider interface: * modules/ssl/ssl_private.h (modssl_sesscache_provider): Add new vtable type. (SSLModConfigRec): Reference the vtable here. Replace all the ssl_scache_* prototypes with provider vtable objects. * modules/ssl/ssl_scache.c (ssl_scache_init, ssl_scache_kill, ssl_scache_retrieve, ssl_scache_store, ssl_scache_remove, ssl_ext_status_hook): Use callbacks from vtable rather than ifdef spaghetti. * modules/ssl/ssl_engine_init.c (ssl_init_ctx_session_cache): Only install the OpenSSL callbacks if a vtable is configured. * modules/ssl/ssl_engine_config.c (ssl_cmd_SSLSessionCache): Set up vtable pointer. * modules/ssl/ssl_scache_dc.c, modules/ssl_scache_mc.c: Adjust to make implementations static, and add vtable definition. * modules/ssl_scache_shmcb.c: Likewise; also move the init one-per-process requirement down here. * modules/ssl_scache_dbm.c: Likewise; also (temporarily) use a local subpool in the store callback. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630163 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630139 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 21, 2008
-
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@629985 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
TranslateAllMimeTypes (only about 18 hours old) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@629915 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@629879 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 20, 2008
-
-
Eric Covener authored
CharsetOptions, allowing the administrator to skip the mimetype checking that precedes translation. PR 44458 [Eric Covener] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@629615 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
next filter pass. PR: 44447 Submitted by: Harald Niesche <harald brokenerror.de> Reviewed by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@629456 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 19, 2008
-
-
Paul Querna authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@629218 13f79535-47bb-0310-9956-ffa450edef68
-
Paul Querna authored
rather than the current time as a seed. PR: 31440 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@629164 13f79535-47bb-0310-9956-ffa450edef68
-
Paul Querna authored
PR: 31440 Submited by: Andreas Krennmair <ak synflood.at> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@629159 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 18, 2008
-
-
Jim Jagielski authored
can safely be quick, no matter what. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@628864 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@628771 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@628762 13f79535-47bb-0310-9956-ffa450edef68
-
Nick Kew authored
PR 43711 Reported & tested by Ragini Bisraya Patch by Chetan Reddy Reviewed: niq git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@628644 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 14, 2008
-
-
Roy T. Fielding authored
of credit from our distribution files, even if they are out of date. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@627857 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
a Good Idea. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@627819 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
Via current discussion on dev@httpd git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@627764 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
a valid octet here. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@627740 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
remove the current "list" of people for now, maybe add link to httpd.apache.org or http://people.apache.org/~jim/projects.html#httpd instead git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@627733 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@627730 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@627729 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@627728 13f79535-47bb-0310-9956-ffa450edef68
-
Dirk-Willem van Gulik authored
information - i.e. SSLCARevocationFile/SSLCARevocationPath - is set on a per-vhost basis (don't know how much sense it makes to have non-global CRLs, but anyway...). The attached patch (47B2B1A7.1060009@velox.ch on httpd-dev) addresses this issue, and it also improves the logging behavior for an SNI enabled configuration (previously some of the messages would always go to the first vhost, or wouldn't appear at all, depending on the LogLevel of the first vhost). reviewed: dirkx git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@627699 13f79535-47bb-0310-9956-ffa450edef68
-