mc->nSessionCacheDataSize = 0;
mc->pSessionCacheDataMM = NULL;
mc->pSessionCacheDataRMM = NULL;
- mc->tSessionCacheDataTable = NULL;
+ mc->sesscache = NULL;
mc->nMutexMode = SSL_MUTEXMODE_UNSET;
mc->nMutexMech = APR_LOCK_DEFAULT;
mc->szMutexFile = NULL;
}
else if ((arglen > 4) && strcEQn(arg, "dbm:", 4)) {
mc->nSessionCacheMode = SSL_SCMODE_DBM;
+ mc->sesscache = &modssl_sesscache_dbm;
mc->szSessionCacheDataFile = ap_server_root_relative(mc->pPool, arg+4);
if (!mc->szSessionCacheDataFile) {
return apr_psprintf(cmd->pool,
return MODSSL_NO_SHARED_MEMORY_ERROR;
#endif
mc->nSessionCacheMode = SSL_SCMODE_SHMCB;
+ mc->sesscache = &modssl_sesscache_shmcb;
colon = ap_strchr_c(arg, ':');
mc->szSessionCacheDataFile =
ap_server_root_relative(mc->pPool, colon+1);
else if ((arglen > 3) && strcEQn(arg, "dc:", 3)) {
#ifdef HAVE_DISTCACHE
mc->nSessionCacheMode = SSL_SCMODE_DC;
+ mc->sesscache = &modssl_sesscache_dc;
mc->szSessionCacheDataFile = apr_pstrdup(mc->pPool, arg+3);
if (!mc->szSessionCacheDataFile) {
return apr_pstrcat(cmd->pool,
else if ((arglen > 3) && strcEQn(arg, "memcache:", 9)) {
#ifdef HAVE_SSL_CACHE_MEMCACHE
mc->nSessionCacheMode = SSL_SCMODE_MC;
+ mc->sesscache = &modssl_sesscache_mc;
mc->szSessionCacheDataFile = apr_pstrdup(mc->pPool, arg+9);
if (!mc->szSessionCacheDataFile) {
return apr_pstrcat(cmd->pool,
SSL_CTX_set_session_cache_mode(ctx, cache_mode);
- SSL_CTX_sess_set_new_cb(ctx, ssl_callback_NewSessionCacheEntry);
- SSL_CTX_sess_set_get_cb(ctx, ssl_callback_GetSessionCacheEntry);
- SSL_CTX_sess_set_remove_cb(ctx, ssl_callback_DelSessionCacheEntry);
+ if (mc->sesscache) {
+ SSL_CTX_sess_set_new_cb(ctx, ssl_callback_NewSessionCacheEntry);
+ SSL_CTX_sess_set_get_cb(ctx, ssl_callback_GetSessionCacheEntry);
+ SSL_CTX_sess_set_remove_cb(ctx, ssl_callback_DelSessionCacheEntry);
+ }
}
static void ssl_init_ctx_callbacks(server_rec *s,
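Review bot: The new `if (mc->sesscache)` guard skips the three callbacks, but `SSL_CTX_set_session_cache_mode(ctx, cache_mode)` still runs with whatever `cache_mode` was computed above this hunk. Elsewhere in this commit ssl_scache_init stops rewriting `SSL_SCMODE_UNSET` to `SSL_SCMODE_NONE`. If `cache_mode` is derived from `nSessionCacheMode` (not visible here), a server with no configured cache may now advertise server-side caching with no external store behind it. Either keep `mc->nSessionCacheMode = SSL_SCMODE_NONE;` in the unconfigured branch of ssl_scache_init, or derive `cache_mode` from the provider pointer so the two cannot drift apart. The enclosing function starts outside the hunk.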
int non_ssl_request;
} SSLConnRec;
+/* Session cache provider vtable. */
+typedef struct {
+ void (*init)(server_rec *s, apr_pool_t *pool);
+ void (*destroy)(server_rec *s);
+ BOOL (*store)(server_rec *s, UCHAR *id, int idlen,
+ time_t expiry, SSL_SESSION *session);
+ SSL_SESSION *(*retrieve)(server_rec *s, UCHAR *id, int idlen,
+ apr_pool_t *pool);
+ void (*delete)(server_rec *s, UCHAR *id, int idlen, apr_pool_t *pool);
+ void (*status)(request_rec *r, int flags, apr_pool_t *pool);
+} modssl_sesscache_provider;
+
typedef struct {
pid_t pid;
apr_pool_t *pPool;
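Review bot: The vtable carries only the one-line comment `/* Session cache provider vtable. */`, so the contract of each member has to be inferred from four separate providers. It should say whether the `time_t` passed to `store` is an absolute expiry or a timeout, since the dbm provider names it `expiry` and the dc, mc and shmcb providers name it `timeout`. It should also say who owns the `SSL_SESSION` returned by `retrieve`, and why `store` takes no pool while `retrieve` and `delete` do. A short comment above each member covering those points would be enough. As a side point, the member name `delete` is a C++ keyword, so `remove` would be safer if this header is ever included from C++.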
apr_shm_t *pSessionCacheDataMM;
apr_rmm_t *pSessionCacheDataRMM;
void *tSessionCacheDataTable;
+
+ /* The configured provider: */
+ const modssl_sesscache_provider *sesscache;
+
ssl_mutexmode_t nMutexMode;
apr_lockmech_e nMutexMech;
const char *szMutexFile;
void ssl_scache_remove(server_rec *, UCHAR *, int,
apr_pool_t *);
-char *ssl_scache_id2sz(UCHAR *, int);
-void ssl_scache_dbm_init(server_rec *, apr_pool_t *);
-void ssl_scache_dbm_kill(server_rec *);
-BOOL ssl_scache_dbm_store(server_rec *, UCHAR *, int,
- time_t, SSL_SESSION *, apr_pool_t *);
-SSL_SESSION *ssl_scache_dbm_retrieve(server_rec *, UCHAR *, int,
- apr_pool_t *);
-void ssl_scache_dbm_remove(server_rec *, UCHAR *, int,
- apr_pool_t *);
-void ssl_scache_dbm_status(request_rec *r, int flags, apr_pool_t *);
-
-void ssl_scache_shmcb_init(server_rec *, apr_pool_t *);
-void ssl_scache_shmcb_kill(server_rec *);
-BOOL ssl_scache_shmcb_store(server_rec *, UCHAR *, int, time_t, SSL_SESSION *);
-SSL_SESSION *ssl_scache_shmcb_retrieve(server_rec *, UCHAR *, int);
-void ssl_scache_shmcb_remove(server_rec *, UCHAR *, int);
-void ssl_scache_shmcb_status(request_rec *r, int flags, apr_pool_t *pool);
-
-void ssl_scache_dc_init(server_rec *, apr_pool_t *);
-void ssl_scache_dc_kill(server_rec *);
-BOOL ssl_scache_dc_store(server_rec *, UCHAR *, int, time_t, SSL_SESSION *);
-SSL_SESSION *ssl_scache_dc_retrieve(server_rec *, UCHAR *, int);
-void ssl_scache_dc_remove(server_rec *, UCHAR *, int);
-void ssl_scache_dc_status(request_rec *r, int flags, apr_pool_t *pool);
+const modssl_sesscache_provider modssl_sesscache_shmcb;
+const modssl_sesscache_provider modssl_sesscache_dbm;
+
+#ifdef HAVE_DISTCACHE
+const modssl_sesscache_provider modssl_sesscache_dc;
+#endif
#ifdef HAVE_SSL_CACHE_MEMCACHE
-void ssl_scache_mc_init(server_rec *, apr_pool_t *);
-void ssl_scache_mc_kill(server_rec *);
-BOOL ssl_scache_mc_store(server_rec *, UCHAR *, int, time_t, SSL_SESSION *);
-SSL_SESSION *ssl_scache_mc_retrieve(server_rec *, UCHAR *, int, apr_pool_t *);
-void ssl_scache_mc_remove(server_rec *, UCHAR *, int);
-void ssl_scache_mc_status(request_rec *r, int flags, apr_pool_t *pool);
+const modssl_sesscache_provider modssl_sesscache_mc;
#endif
/** Proxy Support */
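Review bot: The added `const modssl_sesscache_provider modssl_sesscache_*;` lines are tentative definitions, not declarations. Every translation unit that includes this file therefore defines its own copy of each object; it looks like the shared private header, though the file name is not visible. That links only where the toolchain merges common symbols and fails with duplicate-definition errors under `-fno-common`. Declare them as `extern const modssl_sesscache_provider modssl_sesscache_shmcb;` (likewise for dbm, dc and mc) and leave the initialised definitions in the provider source files.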
* Warn the user that he should use the session cache.
* But we can operate without it, of course.
*/
- if (mc->nSessionCacheMode == SSL_SCMODE_UNSET) {
+ if (mc->sesscache == NULL) {
ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
"Init: Session Cache is not configured "
"[hint: SSLSessionCache]");
- mc->nSessionCacheMode = SSL_SCMODE_NONE;
return;
}
- if (mc->nSessionCacheMode == SSL_SCMODE_DBM)
- ssl_scache_dbm_init(s, p);
-#ifdef HAVE_DISTCACHE
- else if (mc->nSessionCacheMode == SSL_SCMODE_DC)
- ssl_scache_dc_init(s, p);
-#endif
-#ifdef HAVE_SSL_CACHE_MEMCACHE
- else if (mc->nSessionCacheMode == SSL_SCMODE_MC)
- ssl_scache_mc_init(s, p);
-#endif
- else if (mc->nSessionCacheMode == SSL_SCMODE_SHMCB) {
- void *data;
- const char *userdata_key = "ssl_scache_init";
-
- apr_pool_userdata_get(&data, userdata_key, s->process->pool);
- if (!data) {
- apr_pool_userdata_set((const void *)1, userdata_key,
- apr_pool_cleanup_null, s->process->pool);
- return;
- }
- ssl_scache_shmcb_init(s, p);
- }
+ mc->sesscache->init(s, p);
}
void ssl_scache_kill(server_rec *s)
{
SSLModConfigRec *mc = myModConfig(s);
- if (mc->nSessionCacheMode == SSL_SCMODE_DBM)
- ssl_scache_dbm_kill(s);
- else if (mc->nSessionCacheMode == SSL_SCMODE_SHMCB)
- ssl_scache_shmcb_kill(s);
-#ifdef HAVE_DISTCACHE
- else if (mc->nSessionCacheMode == SSL_SCMODE_DC)
- ssl_scache_dc_kill(s);
-#endif
-#ifdef HAVE_SSL_CACHE_MEMCACHE
- else if (mc->nSessionCacheMode == SSL_SCMODE_MC)
- ssl_scache_mc_kill(s);
-#endif
- return;
+ mc->sesscache->destroy(s);
}
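Review bot: `mc->sesscache->destroy(s);` dereferences the provider pointer unchecked, although ssl_scache_init in this same change returns early on `mc->sesscache == NULL` and the config code sets it to NULL for at least one mode. The removed if/else chain fell through harmlessly when no mode matched, so a server with no session cache would now fault in ssl_scache_kill if that function is still reached (its caller is not visible here). The same unguarded call appears as `mc->sesscache->status(r, flags, r->pool);` in ssl_ext_status_hook, where the `mc == NULL` test does not cover a NULL provider and the path is reached by an ordinary status request. Guard both, e.g. `if (mc->sesscache) mc->sesscache->destroy(s);`. The store, retrieve and remove wrappers appear safe only because their callbacks are registered under `if (mc->sesscache)`, assuming they have no other callers.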
BOOL ssl_scache_store(server_rec *s, UCHAR *id, int idlen,
apr_pool_t *p)
{
SSLModConfigRec *mc = myModConfig(s);
- BOOL rv = FALSE;
-
- if (mc->nSessionCacheMode == SSL_SCMODE_DBM)
- rv = ssl_scache_dbm_store(s, id, idlen, expiry, sess, p);
- else if (mc->nSessionCacheMode == SSL_SCMODE_SHMCB)
- rv = ssl_scache_shmcb_store(s, id, idlen, expiry, sess);
-#ifdef HAVE_DISTCACHE
- else if (mc->nSessionCacheMode == SSL_SCMODE_DC)
- rv = ssl_scache_dc_store(s, id, idlen, expiry, sess);
-#endif
-#ifdef HAVE_SSL_CACHE_MEMCACHE
- else if (mc->nSessionCacheMode == SSL_SCMODE_MC)
- rv = ssl_scache_mc_store(s, id, idlen, expiry, sess);
-#endif
- return rv;
+
+ return mc->sesscache->store(s, id, idlen, expiry, sess);
}
SSL_SESSION *ssl_scache_retrieve(server_rec *s, UCHAR *id, int idlen,
apr_pool_t *p)
{
SSLModConfigRec *mc = myModConfig(s);
- SSL_SESSION *sess = NULL;
-
- if (mc->nSessionCacheMode == SSL_SCMODE_DBM)
- sess = ssl_scache_dbm_retrieve(s, id, idlen, p);
- else if (mc->nSessionCacheMode == SSL_SCMODE_SHMCB)
- sess = ssl_scache_shmcb_retrieve(s, id, idlen);
-#ifdef HAVE_DISTCACHE
- else if (mc->nSessionCacheMode == SSL_SCMODE_DC)
- sess = ssl_scache_dc_retrieve(s, id, idlen);
-#endif
-#ifdef HAVE_SSL_CACHE_MEMCACHE
- else if (mc->nSessionCacheMode == SSL_SCMODE_MC)
- sess = ssl_scache_mc_retrieve(s, id, idlen, p);
-#endif
- return sess;
+
+ return mc->sesscache->retrieve(s, id, idlen, p);
}
void ssl_scache_remove(server_rec *s, UCHAR *id, int idlen,
{
SSLModConfigRec *mc = myModConfig(s);
- if (mc->nSessionCacheMode == SSL_SCMODE_DBM)
- ssl_scache_dbm_remove(s, id, idlen, p);
- else if (mc->nSessionCacheMode == SSL_SCMODE_SHMCB)
- ssl_scache_shmcb_remove(s, id, idlen);
-#ifdef HAVE_DISTCACHE
- else if (mc->nSessionCacheMode == SSL_SCMODE_DC)
- ssl_scache_dc_remove(s, id, idlen);
-#endif
-#ifdef HAVE_SSL_CACHE_MEMCACHE
- else if (mc->nSessionCacheMode == SSL_SCMODE_MC)
- ssl_scache_mc_remove(s, id, idlen);
-#endif
+ mc->sesscache->delete(s, id, idlen, p);
+
return;
}
*/
static int ssl_ext_status_hook(request_rec *r, int flags)
{
- SSLSrvConfigRec *sc = mySrvConfig(r->server);
+ SSLModConfigRec *mc = myModConfig(r->server);
- if (sc == NULL || flags & AP_STATUS_SHORT)
+ if (mc == NULL || flags & AP_STATUS_SHORT)
return OK;
ap_rputs("<hr>\n", r);
ap_rputs("</td></tr>\n", r);
ap_rputs("<tr><td bgcolor=\"#ffffff\">\n", r);
- if (sc->mc->nSessionCacheMode == SSL_SCMODE_DBM)
- ssl_scache_dbm_status(r, flags, r->pool);
- else if (sc->mc->nSessionCacheMode == SSL_SCMODE_SHMCB)
- ssl_scache_shmcb_status(r, flags, r->pool);
-#ifdef HAVE_DISTCACHE
- else if (sc->mc->nSessionCacheMode == SSL_SCMODE_DC)
- ssl_scache_dc_status(r, flags, r->pool);
-#endif
-#ifdef HAVE_SSL_CACHE_MEMCACHE
- else if (sc->mc->nSessionCacheMode == SSL_SCMODE_MC)
- ssl_scache_mc_status(r, flags, r->pool);
-#endif
+ mc->sesscache->status(r, flags, r->pool);
ap_rputs("</td></tr>\n", r);
ap_rputs("</table>\n", r);
static void ssl_scache_dbm_expire(server_rec *s);
-void ssl_scache_dbm_init(server_rec *s, apr_pool_t *p)
+static void ssl_scache_dbm_remove(server_rec *s, UCHAR *id, int idlen,
+ apr_pool_t *p);
+
+static void ssl_scache_dbm_init(server_rec *s, apr_pool_t *p)
{
SSLModConfigRec *mc = myModConfig(s);
apr_dbm_t *dbm;
return;
}
-void ssl_scache_dbm_kill(server_rec *s)
+static void ssl_scache_dbm_kill(server_rec *s)
{
SSLModConfigRec *mc = myModConfig(s);
apr_pool_t *p;
return;
}
-BOOL ssl_scache_dbm_store(server_rec *s, UCHAR *id, int idlen,
- time_t expiry, SSL_SESSION *sess,
- apr_pool_t *p)
+static BOOL ssl_scache_dbm_store(server_rec *s, UCHAR *id, int idlen,
+ time_t expiry, SSL_SESSION *sess)
{
SSLModConfigRec *mc = myModConfig(s);
apr_dbm_t *dbm;
int nData;
UCHAR *ucp;
apr_status_t rv;
+ apr_pool_t *p;
+
+ /* ### This is not in any way sane, a persistent pool which gets
+ * cleared each time is needed. */
+ apr_pool_create(&p, s->process->pool);
/* streamline session data */
if ((nData = i2d_SSL_SESSION(sess, NULL)) > sizeof(ucaData)) {
"(store)",
mc->szSessionCacheDataFile);
ssl_mutex_off(s);
+ apr_pool_destroy(p);
free(dbmval.dptr);
return FALSE;
}
mc->szSessionCacheDataFile);
apr_dbm_close(dbm);
ssl_mutex_off(s);
+ apr_pool_destroy(p);
free(dbmval.dptr);
return FALSE;
}
apr_dbm_close(dbm);
ssl_mutex_off(s);
+ apr_pool_destroy(p);
/* free temporary buffers */
free(dbmval.dptr);
return TRUE;
}
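Review bot: `apr_pool_create(&p, s->process->pool);` runs before the size check on the following line, while all three added `apr_pool_destroy(p)` calls sit after `ssl_mutex_off(s)`. Any return taken before the DBM is opened would leave a subpool attached to the process pool for the life of the process; the `i2d_SSL_SESSION` size check looks like one such return, though its body is not visible here. Because the serialized session size depends on what the peer negotiates, that is a slow memory-growth path in a long-lived server and worth closing. Create the pool immediately before its first use, or destroy it on every exit, and check the result: `if (apr_pool_create(&p, s->process->pool) != APR_SUCCESS) return FALSE;`. The `###` comment already marks the per-call pool as a stopgap; passing a pool through the `store` vtable member, as `retrieve` and `delete` do, would remove the need for it.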
-SSL_SESSION *ssl_scache_dbm_retrieve(server_rec *s, UCHAR *id, int idlen,
- apr_pool_t *p)
+static SSL_SESSION *ssl_scache_dbm_retrieve(server_rec *s, UCHAR *id, int idlen,
+ apr_pool_t *p)
{
SSLModConfigRec *mc = myModConfig(s);
apr_dbm_t *dbm;
return sess;
}
-void ssl_scache_dbm_remove(server_rec *s, UCHAR *id, int idlen,
- apr_pool_t *p)
+static void ssl_scache_dbm_remove(server_rec *s, UCHAR *id, int idlen,
+ apr_pool_t *p)
{
SSLModConfigRec *mc = myModConfig(s);
apr_dbm_t *dbm;
return;
}
-void ssl_scache_dbm_status(request_rec *r, int flags, apr_pool_t *p)
+static void ssl_scache_dbm_status(request_rec *r, int flags, apr_pool_t *p)
{
SSLModConfigRec *mc = myModConfig(r->server);
apr_dbm_t *dbm;
return;
}
+const modssl_sesscache_provider modssl_sesscache_dbm = {
+ ssl_scache_dbm_init,
+ ssl_scache_dbm_kill,
+ ssl_scache_dbm_store,
+ ssl_scache_dbm_retrieve,
+ ssl_scache_dbm_remove,
+ ssl_scache_dbm_status
+};
**
*/
-void ssl_scache_dc_init(server_rec *s, apr_pool_t *p)
+static void ssl_scache_dc_init(server_rec *s, apr_pool_t *p)
{
DC_CTX *ctx;
SSLModConfigRec *mc = myModConfig(s);
return;
}
-void ssl_scache_dc_kill(server_rec *s)
+static void ssl_scache_dc_kill(server_rec *s)
{
SSLModConfigRec *mc = myModConfig(s);
mc->tSessionCacheDataTable = NULL;
}
-BOOL ssl_scache_dc_store(server_rec *s, UCHAR *id, int idlen,
- time_t timeout, SSL_SESSION * pSession)
+static BOOL ssl_scache_dc_store(server_rec *s, UCHAR *id, int idlen,
+ time_t timeout, SSL_SESSION * pSession)
{
unsigned char der[SSL_SESSION_MAX_DER];
int der_len;
return TRUE;
}
-SSL_SESSION *ssl_scache_dc_retrieve(server_rec *s, UCHAR *id, int idlen)
+static SSL_SESSION *ssl_scache_dc_retrieve(server_rec *s, UCHAR *id, int idlen, apr_pool_t *p)
{
unsigned char der[SSL_SESSION_MAX_DER];
unsigned int der_len;
return pSession;
}
-void ssl_scache_dc_remove(server_rec *s, UCHAR *id, int idlen)
+static void ssl_scache_dc_remove(server_rec *s, UCHAR *id, int idlen, apr_pool_t *p)
{
SSLModConfigRec *mc = myModConfig(s);
DC_CTX *ctx = mc->tSessionCacheDataTable;
}
}
-void ssl_scache_dc_status(request_rec *r, int flags, apr_pool_t *pool)
+static void ssl_scache_dc_status(request_rec *r, int flags, apr_pool_t *pool)
{
SSLModConfigRec *mc = myModConfig(r->server);
" target: <b>%s</b><br>", mc->szSessionCacheDataFile);
}
+const modssl_sesscache_provider modssl_sesscache_dc = {
+ ssl_scache_dc_init,
+ ssl_scache_dc_kill,
+ ssl_scache_dc_store,
+ ssl_scache_dc_retrieve,
+ ssl_scache_dc_remove,
+ ssl_scache_dc_status
+};
+
#endif
#endif
-void ssl_scache_mc_init(server_rec *s, apr_pool_t *p)
+static void ssl_scache_mc_init(server_rec *s, apr_pool_t *p)
{
apr_status_t rv;
int thread_limit = 0;
return;
}
-void ssl_scache_mc_kill(server_rec *s)
+static void ssl_scache_mc_kill(server_rec *s)
{
}
return str;
}
-BOOL ssl_scache_mc_store(server_rec *s, UCHAR *id, int idlen,
- time_t timeout, SSL_SESSION *pSession)
+static BOOL ssl_scache_mc_store(server_rec *s, UCHAR *id, int idlen,
+ time_t timeout, SSL_SESSION *pSession)
{
char buf[MC_KEY_LEN];
char *strkey = NULL;
return TRUE;
}
-SSL_SESSION *ssl_scache_mc_retrieve(server_rec *s, UCHAR *id, int idlen,
- apr_pool_t *p)
+static SSL_SESSION *ssl_scache_mc_retrieve(server_rec *s, UCHAR *id, int idlen,
+ apr_pool_t *p)
{
SSL_SESSION *pSession;
MODSSL_D2I_SSL_SESSION_CONST unsigned char *pder;
apr_size_t der_len;
- SSLModConfigRec *mc = myModConfig(s);
char buf[MC_KEY_LEN];
char* strkey = NULL;
apr_status_t rv;
return pSession;
}
-void ssl_scache_mc_remove(server_rec *s, UCHAR *id, int idlen)
+static void ssl_scache_mc_remove(server_rec *s, UCHAR *id, int idlen, apr_pool_t *p)
{
char buf[MC_KEY_LEN];
char* strkey = NULL;
}
}
-void ssl_scache_mc_status(request_rec *r, int flags, apr_pool_t *pool)
+static void ssl_scache_mc_status(request_rec *r, int flags, apr_pool_t *pool)
{
/* SSLModConfigRec *mc = myModConfig(r->server); */
/* TODO: Make a mod_status handler. meh. */
}
+const modssl_sesscache_provider modssl_sesscache_mc = {
+ ssl_scache_mc_init,
+ ssl_scache_mc_kill,
+ ssl_scache_mc_store,
+ ssl_scache_mc_retrieve,
+ ssl_scache_mc_remove,
+ ssl_scache_mc_status
+};
#endif
* subcache internals are deferred to shmcb_subcache_*** functions lower down
*/
-void ssl_scache_shmcb_init(server_rec *s, apr_pool_t *p)
+static void ssl_scache_shmcb_init(server_rec *s, apr_pool_t *p)
{
SSLModConfigRec *mc = myModConfig(s);
void *shm_segment;
SHMCBHeader *header;
unsigned int num_subcache, num_idx, loop;
+ {
+ void *data;
+ const char *userdata_key = "ssl_scache_init";
+
+ apr_pool_userdata_get(&data, userdata_key, s->process->pool);
+ if (!data) {
+ apr_pool_userdata_set((const void *)1, userdata_key,
+ apr_pool_cleanup_null, s->process->pool);
+ return;
+ }
+ }
+
/* Create shared memory segment */
if (mc->szSessionCacheDataFile == NULL) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
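Review bot: The bare block added at the top of ssl_scache_shmcb_init has no comment explaining why the first call returns without creating the shared memory segment. It stores an `ssl_scache_init` marker in the `s->process->pool` userdata and proceeds only when the marker is already present, which reads like a mistake unless the intent is stated. Suggest `/* Skip the first invocation in this process; the segment is created on the next call. */` above the block, with the reason (presumably the repeated startup configuration pass) added once confirmed. The function body continues outside the hunk.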
mc->tSessionCacheDataTable = shm_segment;
}
-void ssl_scache_shmcb_kill(server_rec *s)
+static void ssl_scache_shmcb_kill(server_rec *s)
{
SSLModConfigRec *mc = myModConfig(s);
return;
}
-BOOL ssl_scache_shmcb_store(server_rec *s, UCHAR *id, int idlen,
- time_t timeout, SSL_SESSION * pSession)
+static BOOL ssl_scache_shmcb_store(server_rec *s, UCHAR *id, int idlen,
+ time_t timeout, SSL_SESSION * pSession)
{
SSLModConfigRec *mc = myModConfig(s);
BOOL to_return = FALSE;
return to_return;
}
-SSL_SESSION *ssl_scache_shmcb_retrieve(server_rec *s, UCHAR *id, int idlen)
+static SSL_SESSION *ssl_scache_shmcb_retrieve(server_rec *s, UCHAR *id, int idlen,
+ apr_pool_t *p)
{
SSLModConfigRec *mc = myModConfig(s);
SSL_SESSION *pSession = NULL;
return pSession;
}
-void ssl_scache_shmcb_remove(server_rec *s, UCHAR *id, int idlen)
+static void ssl_scache_shmcb_remove(server_rec *s, UCHAR *id, int idlen, apr_pool_t *p)
{
SSLModConfigRec *mc = myModConfig(s);
SHMCBHeader *header = mc->tSessionCacheDataTable;
ssl_mutex_off(s);
}
-void ssl_scache_shmcb_status(request_rec *r, int flags, apr_pool_t *p)
+static void ssl_scache_shmcb_status(request_rec *r, int flags, apr_pool_t *p)
{
server_rec *s = r->server;
SSLModConfigRec *mc = myModConfig(s);
return to_return;
}
+
+const modssl_sesscache_provider modssl_sesscache_shmcb = {
+ ssl_scache_shmcb_init,
+ ssl_scache_shmcb_kill,
+ ssl_scache_shmcb_store,
+ ssl_scache_shmcb_retrieve,
+ ssl_scache_shmcb_remove,
+ ssl_scache_shmcb_status
+};