Skip to content
  1. Feb 22, 2008
    • Joe Orton's avatar
      Session cache interface redesign, Part 3: · d3e1af8b
      Joe Orton authored
      Move provider-private context out of SSLModConfigRec and into an
      opaque context pointer.  Use real error propagation in the ->init
      functions rather than ssl_die().
      
      * modules/ssl/ssl_private.h (modssl_sesscache_provider): Take a
        context out-parameter from ->init, and return an apr_status_t.
        Add context pointer as first arg for the other function types.
        (SSLModConfigRec): Remove tSessionCacheData* fields; add
        sesscache_context field.
      
      * modules/ssl/ssl_scache.c (ssl_scache_init): Move once-per-process
        invocation check back into here.  
        (ssl_scache_*): Adjust to use context pointer.
      
      * modules/ssl/ssl_scache_shmcb.c, modules/ssl/ssl_scache_dc.c,
        modules/ssl/ssl_scache_dbm.c: Adjust all implementations to use
        opaque context pointer.
      
      * modules/ssl/ssl_scache_memcache.c: Move memcache context into the
        context structure rather than using global state.
      
      * modules/ssl/ssl_engine_config.c: Remove handling of
        pSessionCacheData* fields in SSLModConfigRec.
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630323 13f79535-47bb-0310-9956-ffa450edef68
      d3e1af8b
    • Joe Orton's avatar
      Move SSL session data deserialization up out of the session cache · c55b84c7
      Joe Orton authored
      storage providers; includes a significant change to the shmcb storage
      structure:
      
      * modules/ssl/ssl_private.h (modssl_sesscache_provider): Change
        retrieve function to take dest/destlen output buffer, to take a
        constant id paramater, and to return a BOOL.
      
      * modules/ssl/ssl_scache.c (ssl_scache_retrieve): Update accordingly,
        perform SSL deserialization here.
      
      * modules/ssl/ssl_scache_dc.c (ssl_scache_dc_retrieve),
        modules/ssl/ssl_scache_dbm.c (ssl_scache_dbm_retrieve),
        modules/ssl/ssl_scache_memcache.c (ssl_scache_mc_retrieve):
        Update accordingly.
      
      * modules/ssl/ssl_scache_shmcb.c: Store the whole ID in the cache
        before the data, so that each index can be compared against the
        requested ID without deserializing the data.  This requires approx
        20% extra storage per session in the common case, though should
        reduce CPU overhead in some retrieval paths.
        (SHMCBIndex): Replace s_id2 field with id_len.
        (shmcb_cyclic_memcmp): New function.
        (ssl_scache_shmcb_init): Change the heuristics to allow for increase
        in per-session storage requirement.
        (ssl_scache_shmcb_retrieve): Drop requirement on ID length.
        (shmcb_subcache_store): Store the ID in the cyclic buffer.
        (shmcb_subcache_retrieve, shmcb_subcache_remove): Compare against
        the stored ID rather than deserializing the data.
        (ssl_scache_shmcb_retrieve, ssl_scache_shmcb_store): Update
        accordingly.
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630307 13f79535-47bb-0310-9956-ffa450edef68
      c55b84c7
    • Eric Covener's avatar
      A note about SSL handshake data and mod_logio · 12f3bc92
      Eric Covener authored
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630289 13f79535-47bb-0310-9956-ffa450edef68
      12f3bc92
    • Joe Orton's avatar
      * modules/ssl/ssl_scache_shmcb.c: Describe the data structures · 24a63c7e
      Joe Orton authored
      used by shmcb (hopefully :), before some invasive surgery.
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630228 13f79535-47bb-0310-9956-ffa450edef68
      24a63c7e
    • Joe Orton's avatar
      Move SSL session data serialization up out of the session cache · e085cd8a
      Joe Orton authored
      storage providers:
      
      * modules/ssl/ssl_private.h (modssl_sesscache_provider): Change
        'store' interface to take a data/length pair rather than an
        SSL_SESSION pointer.
      
      * modules/ssl/ssl_scache.c (ssl_scache_store): Serialize the SSL 
        session here and pass down the raw DER.
      
      * modules/ssl/ssl_scache_dc.c, modules/ssl_scache_mc.c,
        modules/ssl_scache_shmcb.c, modules/ssl_scache_dbm.c: Adjust ->store
        implementations accordingly, removing the four sets of identical
        code doing the i2d dance.
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630168 13f79535-47bb-0310-9956-ffa450edef68
      e085cd8a
    • Joe Orton's avatar
      Re-implement the SSL session cache abstraction using a vtable; first · 41d347a3
      Joe Orton authored
      step towards use of the ap_provider interface:
      
      * modules/ssl/ssl_private.h (modssl_sesscache_provider): Add new
        vtable type.
        (SSLModConfigRec): Reference the vtable here.
        Replace all the ssl_scache_* prototypes with provider vtable objects.
      
      * modules/ssl/ssl_scache.c (ssl_scache_init, ssl_scache_kill, 
        ssl_scache_retrieve, ssl_scache_store, ssl_scache_remove,
        ssl_ext_status_hook): Use callbacks from vtable rather than ifdef
        spaghetti.
      
      * modules/ssl/ssl_engine_init.c (ssl_init_ctx_session_cache):
        Only install the OpenSSL callbacks if a vtable is configured.
      
      * modules/ssl/ssl_engine_config.c (ssl_cmd_SSLSessionCache): Set up
        vtable pointer.
      
      * modules/ssl/ssl_scache_dc.c, modules/ssl_scache_mc.c: Adjust to make
        implementations static, and add vtable definition.
      
      * modules/ssl_scache_shmcb.c: Likewise; also move the init
        one-per-process requirement down here.
      
      * modules/ssl_scache_dbm.c: Likewise; also (temporarily) use a local
        subpool in the store callback.
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630163 13f79535-47bb-0310-9956-ffa450edef68
      41d347a3
    • Joe Orton's avatar
      * support/htpasswd.c (seed_rand): Fix compiler warning. · abfb67ba
      Joe Orton authored
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630139 13f79535-47bb-0310-9956-ffa450edef68
      abfb67ba
  2. Feb 21, 2008
  3. Feb 20, 2008
  4. Feb 19, 2008
  5. Feb 18, 2008
  6. Feb 14, 2008
  7. Feb 13, 2008
  8. Feb 12, 2008