Skip to content
  1. Feb 22, 2008
    • Joe Orton's avatar
      Session cache interface redesign, Part 3: · d3e1af8b
      Joe Orton authored 
      Move provider-private context out of SSLModConfigRec and into an
opaque context pointer.  Use real error propagation in the ->init
functions rather than ssl_die().

* modules/ssl/ssl_private.h (modssl_sesscache_provider): Take a
  context out-parameter from ->init, and return an apr_status_t.
  Add context pointer as first arg for the other function types.
  (SSLModConfigRec): Remove tSessionCacheData* fields; add
  sesscache_context field.

* modules/ssl/ssl_scache.c (ssl_scache_init): Move once-per-process
  invocation check back into here.  
  (ssl_scache_*): Adjust to use context pointer.

* modules/ssl/ssl_scache_shmcb.c, modules/ssl/ssl_scache_dc.c,
  modules/ssl/ssl_scache_dbm.c: Adjust all implementations to use
  opaque context pointer.

* modules/ssl/ssl_scache_memcache.c: Move memcache context into the
  context structure rather than using global state.

* modules/ssl/ssl_engine_config.c: Remove handling of
  pSessionCacheData* fields in SSLModConfigRec.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630323 13f79535-47bb-0310-9956-ffa450edef68
      d3e1af8b
    • Joe Orton's avatar
      Move SSL session data deserialization up out of the session cache · c55b84c7
      Joe Orton authored 
      storage providers; includes a significant change to the shmcb storage
structure:

* modules/ssl/ssl_private.h (modssl_sesscache_provider): Change
  retrieve function to take dest/destlen output buffer, to take a
  constant id paramater, and to return a BOOL.

* modules/ssl/ssl_scache.c (ssl_scache_retrieve): Update accordingly,
  perform SSL deserialization here.

* modules/ssl/ssl_scache_dc.c (ssl_scache_dc_retrieve),
  modules/ssl/ssl_scache_dbm.c (ssl_scache_dbm_retrieve),
  modules/ssl/ssl_scache_memcache.c (ssl_scache_mc_retrieve):
  Update accordingly.

* modules/ssl/ssl_scache_shmcb.c: Store the whole ID in the cache
  before the data, so that each index can be compared against the
  requested ID without deserializing the data.  This requires approx
  20% extra storage per session in the common case, though should
  reduce CPU overhead in some retrieval paths.
  (SHMCBIndex): Replace s_id2 field with id_len.
  (shmcb_cyclic_memcmp): New function.
  (ssl_scache_shmcb_init): Change the heuristics to allow for increase
  in per-session storage requirement.
  (ssl_scache_shmcb_retrieve): Drop requirement on ID length.
  (shmcb_subcache_store): Store the ID in the cyclic buffer.
  (shmcb_subcache_retrieve, shmcb_subcache_remove): Compare against
  the stored ID rather than deserializing the data.
  (ssl_scache_shmcb_retrieve, ssl_scache_shmcb_store): Update
  accordingly.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630307 13f79535-47bb-0310-9956-ffa450edef68
      c55b84c7
    • Eric Covener's avatar
      A note about SSL handshake data and mod_logio · 12f3bc92
      Eric Covener authored 
      

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630289 13f79535-47bb-0310-9956-ffa450edef68
      12f3bc92
    • Joe Orton's avatar
      * modules/ssl/ssl_scache_shmcb.c: Describe the data structures · 24a63c7e
      Joe Orton authored 
      used by shmcb (hopefully :), before some invasive surgery.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630228 13f79535-47bb-0310-9956-ffa450edef68
      24a63c7e
    • Joe Orton's avatar
      Move SSL session data serialization up out of the session cache · e085cd8a
      Joe Orton authored 
      storage providers:

* modules/ssl/ssl_private.h (modssl_sesscache_provider): Change
  'store' interface to take a data/length pair rather than an
  SSL_SESSION pointer.

* modules/ssl/ssl_scache.c (ssl_scache_store): Serialize the SSL 
  session here and pass down the raw DER.

* modules/ssl/ssl_scache_dc.c, modules/ssl_scache_mc.c,
  modules/ssl_scache_shmcb.c, modules/ssl_scache_dbm.c: Adjust ->store
  implementations accordingly, removing the four sets of identical
  code doing the i2d dance.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630168 13f79535-47bb-0310-9956-ffa450edef68
      e085cd8a
    • Joe Orton's avatar
      Re-implement the SSL session cache abstraction using a vtable; first · 41d347a3
      Joe Orton authored 
      step towards use of the ap_provider interface:

* modules/ssl/ssl_private.h (modssl_sesscache_provider): Add new
  vtable type.
  (SSLModConfigRec): Reference the vtable here.
  Replace all the ssl_scache_* prototypes with provider vtable objects.

* modules/ssl/ssl_scache.c (ssl_scache_init, ssl_scache_kill, 
  ssl_scache_retrieve, ssl_scache_store, ssl_scache_remove,
  ssl_ext_status_hook): Use callbacks from vtable rather than ifdef
  spaghetti.

* modules/ssl/ssl_engine_init.c (ssl_init_ctx_session_cache):
  Only install the OpenSSL callbacks if a vtable is configured.

* modules/ssl/ssl_engine_config.c (ssl_cmd_SSLSessionCache): Set up
  vtable pointer.

* modules/ssl/ssl_scache_dc.c, modules/ssl_scache_mc.c: Adjust to make
  implementations static, and add vtable definition.

* modules/ssl_scache_shmcb.c: Likewise; also move the init
  one-per-process requirement down here.

* modules/ssl_scache_dbm.c: Likewise; also (temporarily) use a local
  subpool in the store callback.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630163 13f79535-47bb-0310-9956-ffa450edef68
      41d347a3
    • Joe Orton's avatar
      * support/htpasswd.c (seed_rand): Fix compiler warning. · abfb67ba
      Joe Orton authored 
      
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630139 13f79535-47bb-0310-9956-ffa450edef68
      abfb67ba
  3. Feb 21, 2008
  5. Feb 20, 2008
  7. Feb 19, 2008
  9. Feb 18, 2008
  11. Feb 14, 2008
  13. Feb 13, 2008
  15. Feb 12, 2008