From: Joe Orton Date: Fri, 2 Nov 2007 16:12:42 +0000 (+0000) Subject: * modules/ssl/ssl_engine_vars.c (ssl_var_register): Take a pool X-Git-Tag: 2.3.0~1295 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=748681d5582c86fd019ce35463d6928cf480abc7;p=apache * modules/ssl/ssl_engine_vars.c (ssl_var_register): Take a pool argument; determine library version strings once at startup. (ssl_var_lookup_ssl_version): Drop 'pp' argument; use new global variables rather than modifying process-global state in a function which must be thread-safe. (all callers changed) * modules/ssl/mod_ssl.c (ssl_register_hooks): Pass pool to ssl_var_register. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@591384 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c index e16032258f..8511228374 100644 --- a/modules/ssl/mod_ssl.c +++ b/modules/ssl/mod_ssl.c @@ -482,7 +482,7 @@ static void ssl_register_hooks(apr_pool_t *p) ap_hook_insert_filter (ssl_hook_Insert_Filter, NULL,NULL, APR_HOOK_MIDDLE); /* ap_hook_handler (ssl_hook_Upgrade, NULL,NULL, APR_HOOK_MIDDLE); */ - ssl_var_register(); + ssl_var_register(p); APR_REGISTER_OPTIONAL_FN(ssl_proxy_enable); APR_REGISTER_OPTIONAL_FN(ssl_engine_disable); diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c index 7f4df61f6b..50b6e46001 100644 --- a/modules/ssl/ssl_engine_vars.c +++ b/modules/ssl/ssl_engine_vars.c @@ -49,7 +49,7 @@ static char *ssl_var_lookup_ssl_cert_PEM(apr_pool_t *p, X509 *xs); static char *ssl_var_lookup_ssl_cert_verify(apr_pool_t *p, conn_rec *c); static char *ssl_var_lookup_ssl_cipher(apr_pool_t *p, conn_rec *c, char *var); static void ssl_var_lookup_ssl_cipher_bits(SSL *ssl, int *usekeysize, int *algkeysize); -static char *ssl_var_lookup_ssl_version(apr_pool_t *pp, apr_pool_t *p, char *var); +static char *ssl_var_lookup_ssl_version(apr_pool_t *p, char *var); static char *ssl_var_lookup_ssl_compress_meth(SSL *ssl); static int ssl_is_https(conn_rec *c) @@ -58,12 +58,32 @@ static int ssl_is_https(conn_rec *c) return sslconn && sslconn->ssl; } -void ssl_var_register(void) +static const char var_interface[] = "mod_ssl/" MOD_SSL_VERSION; +static char var_library_interface[] = SSL_LIBRARY_TEXT; +static char *var_library = NULL; + +void ssl_var_register(apr_pool_t *p) { + char *cp, *cp2; + APR_REGISTER_OPTIONAL_FN(ssl_is_https); APR_REGISTER_OPTIONAL_FN(ssl_var_lookup); APR_REGISTER_OPTIONAL_FN(ssl_ext_list); - return; + + /* Perform once-per-process library version determination: */ + var_library = apr_pstrdup(p, SSL_LIBRARY_DYNTEXT); + + if ((cp = strchr(var_library, ' ')) != NULL) { + *cp = '/'; + if ((cp2 = strchr(cp, ' ')) != NULL) + *cp2 = NUL; + } + + if ((cp = strchr(var_library_interface, ' ')) != NULL) { + *cp = '/'; + if ((cp2 = strchr(cp, ' ')) != NULL) + *cp2 = NUL; + } } /* This function must remain safe to use for a non-SSL connection. */ @@ -190,7 +210,7 @@ char *ssl_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r, */ if (result == NULL) { if (strlen(var) > 12 && strcEQn(var, "SSL_VERSION_", 12)) - result = ssl_var_lookup_ssl_version(s->process->pool, p, var+12); + result = ssl_var_lookup_ssl_version(p, var+12); else if (strcEQ(var, "SERVER_SOFTWARE")) result = ap_get_server_banner(); else if (strcEQ(var, "API_VERSION")) { @@ -262,8 +282,7 @@ static char *ssl_var_lookup_ssl(apr_pool_t *p, conn_rec *c, char *var) ssl = sslconn->ssl; if (strlen(var) > 8 && strcEQn(var, "VERSION_", 8)) { - result = ssl_var_lookup_ssl_version(c->base_server->process->pool, - p, var+8); + result = ssl_var_lookup_ssl_version(p, var+8); } else if (ssl != NULL && strcEQ(var, "PROTOCOL")) { result = (char *)SSL_get_version(ssl); @@ -634,41 +653,18 @@ static void ssl_var_lookup_ssl_cipher_bits(SSL *ssl, int *usekeysize, int *algke return; } -static char *ssl_var_lookup_ssl_version(apr_pool_t *pp, apr_pool_t *p, char *var) +static char *ssl_var_lookup_ssl_version(apr_pool_t *p, char *var) { - static const char interface[] = "mod_ssl/" MOD_SSL_VERSION; - static char library_interface[] = SSL_LIBRARY_TEXT; - static char *library = NULL; - char *result; - - if (!library) { - char *cp, *cp2; - library = apr_pstrdup(pp, SSL_LIBRARY_DYNTEXT); - if ((cp = strchr(library, ' ')) != NULL) { - *cp = '/'; - if ((cp2 = strchr(cp, ' ')) != NULL) - *cp2 = NUL; - } - if ((cp = strchr(library_interface, ' ')) != NULL) { - *cp = '/'; - if ((cp2 = strchr(cp, ' ')) != NULL) - *cp2 = NUL; - } - } - if (strEQ(var, "INTERFACE")) { - result = apr_pstrdup(p, interface); + return apr_pstrdup(p, var_interface); } else if (strEQ(var, "LIBRARY_INTERFACE")) { - result = apr_pstrdup(p, library_interface); + return apr_pstrdup(p, var_library_interface); } else if (strEQ(var, "LIBRARY")) { - result = apr_pstrdup(p, library); - } - else { - result = NULL; + return apr_pstrdup(p, var_library); } - return result; + return NULL; } diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h index 487450dbc7..a2592cd678 100644 --- a/modules/ssl/ssl_private.h +++ b/modules/ssl/ssl_private.h @@ -680,7 +680,9 @@ void ssl_die(void); void ssl_log_ssl_error(const char *, int, int, server_rec *); /** Variables */ -void ssl_var_register(void); + +/* Register variables for the lifetime of the process pool 'p'. */ +void ssl_var_register(apr_pool_t *p); char *ssl_var_lookup(apr_pool_t *, server_rec *, conn_rec *, request_rec *, char *); apr_array_header_t *ssl_ext_list(apr_pool_t *p, conn_rec *c, int peer, const char *extension);