storage providers:
* modules/ssl/ssl_private.h (modssl_sesscache_provider): Change
'store' interface to take a data/length pair rather than an
SSL_SESSION pointer.
* modules/ssl/ssl_scache.c (ssl_scache_store): Serialize the SSL
session here and pass down the raw DER.
* modules/ssl/ssl_scache_dc.c, modules/ssl_scache_mc.c,
modules/ssl_scache_shmcb.c, modules/ssl_scache_dbm.c: Adjust ->store
implementations accordingly, removing the four sets of identical
code doing the i2d dance.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630168
13f79535-47bb-0310-9956-
ffa450edef68
void (*init)(server_rec *s, apr_pool_t *pool);
void (*destroy)(server_rec *s);
BOOL (*store)(server_rec *s, UCHAR *id, int idlen,
- time_t expiry, SSL_SESSION *session);
+ time_t expiry,
+ unsigned char *data, unsigned int datalen);
SSL_SESSION *(*retrieve)(server_rec *s, UCHAR *id, int idlen,
apr_pool_t *pool);
void (*delete)(server_rec *s, UCHAR *id, int idlen, apr_pool_t *pool);
apr_pool_t *p)
{
SSLModConfigRec *mc = myModConfig(s);
-
- return mc->sesscache->store(s, id, idlen, expiry, sess);
+ unsigned char encoded[SSL_SESSION_MAX_DER], *ptr;
+ unsigned int len;
+
+ /* Serialise the session. */
+ len = i2d_SSL_SESSION(sess, NULL);
+ if (len > sizeof encoded) {
+ ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+ "session is too big (%u bytes)", len);
+ return FALSE;
+ }
+
+ ptr = encoded;
+ len = i2d_SSL_SESSION(sess, &ptr);
+
+ return mc->sesscache->store(s, id, idlen, expiry, encoded, len);
}
SSL_SESSION *ssl_scache_retrieve(server_rec *s, UCHAR *id, int idlen,
}
static BOOL ssl_scache_dbm_store(server_rec *s, UCHAR *id, int idlen,
- time_t expiry, SSL_SESSION *sess)
+ time_t expiry,
+ unsigned char *ucaData, unsigned int nData)
{
SSLModConfigRec *mc = myModConfig(s);
apr_dbm_t *dbm;
apr_datum_t dbmkey;
apr_datum_t dbmval;
- UCHAR ucaData[SSL_SESSION_MAX_DER];
- int nData;
- UCHAR *ucp;
apr_status_t rv;
apr_pool_t *p;
* cleared each time is needed. */
apr_pool_create(&p, s->process->pool);
- /* streamline session data */
- if ((nData = i2d_SSL_SESSION(sess, NULL)) > sizeof(ucaData)) {
- ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
- "streamline session data size too large: %d > "
- "%" APR_SIZE_T_FMT,
- nData, sizeof(ucaData));
- return FALSE;
- }
- ucp = ucaData;
- i2d_SSL_SESSION(sess, &ucp);
-
/* be careful: do not try to store too much bytes in a DBM file! */
#ifdef PAIRMAX
if ((idlen + nData) >= PAIRMAX) {
}
static BOOL ssl_scache_dc_store(server_rec *s, UCHAR *id, int idlen,
- time_t timeout, SSL_SESSION * pSession)
+ time_t timeout,
+ unsigned char *der, unsigned int der_len)
{
- unsigned char der[SSL_SESSION_MAX_DER];
- int der_len;
- unsigned char *pder = der;
SSLModConfigRec *mc = myModConfig(s);
DC_CTX *ctx = mc->tSessionCacheDataTable;
- /* Serialise the SSL_SESSION object */
- if ((der_len = i2d_SSL_SESSION(pSession, NULL)) > SSL_SESSION_MAX_DER)
- return FALSE;
- i2d_SSL_SESSION(pSession, &pder);
/* !@#$%^ - why do we deal with *absolute* time anyway??? */
timeout -= time(NULL);
/* Send the serialised session to the distributed cache context */
}
static BOOL ssl_scache_mc_store(server_rec *s, UCHAR *id, int idlen,
- time_t timeout, SSL_SESSION *pSession)
+ time_t timeout,
+ unsigned char *ucaData, unsigned int nData)
{
char buf[MC_KEY_LEN];
char *strkey = NULL;
- UCHAR ucaData[SSL_SESSION_MAX_DER];
- UCHAR *ucp;
- int nData;
apr_status_t rv;
- /* streamline session data */
- if ((nData = i2d_SSL_SESSION(pSession, NULL)) > sizeof(ucaData)) {
- ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
- "scache_mc: streamline session data size too large: %d > "
- "%" APR_SIZE_T_FMT,
- nData, sizeof(ucaData));
- return FALSE;
- }
-
- ucp = ucaData;
- i2d_SSL_SESSION(pSession, &ucp);
-
strkey = mc_session_id2sz(id, idlen, buf, sizeof(buf));
if(!strkey) {
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, "scache_mc: Key generation borked.");
}
static BOOL ssl_scache_shmcb_store(server_rec *s, UCHAR *id, int idlen,
- time_t timeout, SSL_SESSION * pSession)
+ time_t timeout,
+ unsigned char *encoded,
+ unsigned int len_encoded)
{
SSLModConfigRec *mc = myModConfig(s);
BOOL to_return = FALSE;
- unsigned char encoded[SSL_SESSION_MAX_DER];
- unsigned char *ptr_encoded;
- unsigned int len_encoded;
SHMCBHeader *header = mc->tSessionCacheDataTable;
SHMCBSubcache *subcache = SHMCB_MASK(header, id);
"(%u bytes)", idlen);
goto done;
}
- /* Serialise the session. */
- len_encoded = i2d_SSL_SESSION(pSession, NULL);
- if (len_encoded > SSL_SESSION_MAX_DER) {
- ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
- "session is too big (%u bytes)", len_encoded);
- goto done;
- }
- ptr_encoded = encoded;
- len_encoded = i2d_SSL_SESSION(pSession, &ptr_encoded);
if (!shmcb_subcache_store(s, header, subcache, encoded,
len_encoded, id, timeout)) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
projects / apache / commitdiff