* modules/ssl/ssl_engine_vars.c (ssl_var_register): Take a pool

argument; determine library version strings once at startup.
(ssl_var_lookup_ssl_version): Drop 'pp' argument; use new global
variables rather than modifying process-global state in a function
which must be thread-safe.  (all callers changed)

* modules/ssl/mod_ssl.c (ssl_register_hooks): Pass pool to
  ssl_var_register.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@591384 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c
index e16032258f6581814055801d46ef9b07c3faae82..8511228374a486e008bd19ac7bff7953e0bac20e 100644 (file)
--- a/modules/ssl/mod_ssl.c
+++ b/modules/ssl/mod_ssl.c
@@ -482,7 +482,7 @@ static void ssl_register_hooks(apr_pool_t *p)
     ap_hook_insert_filter (ssl_hook_Insert_Filter, NULL,NULL, APR_HOOK_MIDDLE);
 /*    ap_hook_handler       (ssl_hook_Upgrade,       NULL,NULL, APR_HOOK_MIDDLE); */
 
-    ssl_var_register();
+    ssl_var_register(p);
 
     APR_REGISTER_OPTIONAL_FN(ssl_proxy_enable);
     APR_REGISTER_OPTIONAL_FN(ssl_engine_disable);

diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c
index 7f4df61f6bf8b360e8763d8a0aaf1e05b64ecd2b..50b6e460017ed04ab8f11aea8b5d68e3b7d0cb09 100644 (file)
--- a/modules/ssl/ssl_engine_vars.c
+++ b/modules/ssl/ssl_engine_vars.c
@@ -49,7 +49,7 @@ static char *ssl_var_lookup_ssl_cert_PEM(apr_pool_t *p, X509 *xs);
 static char *ssl_var_lookup_ssl_cert_verify(apr_pool_t *p, conn_rec *c);
 static char *ssl_var_lookup_ssl_cipher(apr_pool_t *p, conn_rec *c, char *var);
 static void  ssl_var_lookup_ssl_cipher_bits(SSL *ssl, int *usekeysize, int *algkeysize);
-static char *ssl_var_lookup_ssl_version(apr_pool_t *pp, apr_pool_t *p, char *var);
+static char *ssl_var_lookup_ssl_version(apr_pool_t *p, char *var);
 static char *ssl_var_lookup_ssl_compress_meth(SSL *ssl);
 
 static int ssl_is_https(conn_rec *c)
@@ -58,12 +58,32 @@ static int ssl_is_https(conn_rec *c)
     return sslconn && sslconn->ssl;
 }
 
-void ssl_var_register(void)
+static const char var_interface[] = "mod_ssl/" MOD_SSL_VERSION;
+static char var_library_interface[] = SSL_LIBRARY_TEXT;
+static char *var_library = NULL;
+
+void ssl_var_register(apr_pool_t *p)
 {
+    char *cp, *cp2;
+
     APR_REGISTER_OPTIONAL_FN(ssl_is_https);
     APR_REGISTER_OPTIONAL_FN(ssl_var_lookup);
     APR_REGISTER_OPTIONAL_FN(ssl_ext_list);
-    return;
+
+    /* Perform once-per-process library version determination: */
+    var_library = apr_pstrdup(p, SSL_LIBRARY_DYNTEXT);
+    
+    if ((cp = strchr(var_library, ' ')) != NULL) {
+        *cp = '/';
+        if ((cp2 = strchr(cp, ' ')) != NULL)
+            *cp2 = NUL;
+    }
+
+    if ((cp = strchr(var_library_interface, ' ')) != NULL) {
+        *cp = '/';
+        if ((cp2 = strchr(cp, ' ')) != NULL)
+            *cp2 = NUL;
+    }
 }
 
 /* This function must remain safe to use for a non-SSL connection. */
@@ -190,7 +210,7 @@ char *ssl_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r,
      */
     if (result == NULL) {
         if (strlen(var) > 12 && strcEQn(var, "SSL_VERSION_", 12))
-            result = ssl_var_lookup_ssl_version(s->process->pool, p, var+12);
+            result = ssl_var_lookup_ssl_version(p, var+12);
         else if (strcEQ(var, "SERVER_SOFTWARE"))
             result = ap_get_server_banner();
         else if (strcEQ(var, "API_VERSION")) {
@@ -262,8 +282,7 @@ static char *ssl_var_lookup_ssl(apr_pool_t *p, conn_rec *c, char *var)
 
     ssl = sslconn->ssl;
     if (strlen(var) > 8 && strcEQn(var, "VERSION_", 8)) {
-        result = ssl_var_lookup_ssl_version(c->base_server->process->pool,
-                                            p, var+8);
+        result = ssl_var_lookup_ssl_version(p, var+8);
     }
     else if (ssl != NULL && strcEQ(var, "PROTOCOL")) {
         result = (char *)SSL_get_version(ssl);
@@ -634,41 +653,18 @@ static void ssl_var_lookup_ssl_cipher_bits(SSL *ssl, int *usekeysize, int *algke
     return;
 }
 
-static char *ssl_var_lookup_ssl_version(apr_pool_t *pp, apr_pool_t *p, char *var)
+static char *ssl_var_lookup_ssl_version(apr_pool_t *p, char *var)
 {
-    static const char interface[] = "mod_ssl/" MOD_SSL_VERSION;
-    static char library_interface[] = SSL_LIBRARY_TEXT;
-    static char *library = NULL;
-    char *result;
-  
-    if (!library) {
-        char *cp, *cp2;
-        library = apr_pstrdup(pp, SSL_LIBRARY_DYNTEXT);
-        if ((cp = strchr(library, ' ')) != NULL) {
-            *cp = '/';
-            if ((cp2 = strchr(cp, ' ')) != NULL)
-                *cp2 = NUL;
-        }
-        if ((cp = strchr(library_interface, ' ')) != NULL) {
-            *cp = '/';
-            if ((cp2 = strchr(cp, ' ')) != NULL)
-                *cp2 = NUL;
-        }
-    }
-
     if (strEQ(var, "INTERFACE")) {
-        result = apr_pstrdup(p, interface);
+        return apr_pstrdup(p, var_interface);
     }
     else if (strEQ(var, "LIBRARY_INTERFACE")) {
-        result = apr_pstrdup(p, library_interface);
+        return apr_pstrdup(p, var_library_interface);
     }
     else if (strEQ(var, "LIBRARY")) {
-        result = apr_pstrdup(p, library);
-    }
-    else {
-        result = NULL;
+        return apr_pstrdup(p, var_library);
     }
-    return result;
+    return NULL;
 }
   
 

diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h
index 487450dbc7c9de0a4910f8a36c7c2f3291c37243..a2592cd6784b403d8301f3b65a03225677269220 100644 (file)
--- a/modules/ssl/ssl_private.h
+++ b/modules/ssl/ssl_private.h
@@ -680,7 +680,9 @@ void         ssl_die(void);
 void         ssl_log_ssl_error(const char *, int, int, server_rec *);
 
 /**  Variables  */
-void         ssl_var_register(void);
+
+/* Register variables for the lifetime of the process pool 'p'. */
+void         ssl_var_register(apr_pool_t *p);
 char        *ssl_var_lookup(apr_pool_t *, server_rec *, conn_rec *, request_rec *, char *);
 apr_array_header_t *ssl_ext_list(apr_pool_t *p, conn_rec *c, int peer, const char *extension);