httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r..@apache.org
Subject cvs commit: httpd-2.0/modules/ssl mod_ssl.h ssl_engine_config.c ssl_engine_mutex.c
Date Sat, 05 May 2001 19:09:38 GMT
rse         01/05/05 12:09:38

  Modified:    modules/ssl mod_ssl.h ssl_engine_config.c ssl_engine_mutex.c
  Log:
  Kick out all old mutex code and base SSLMutex on APR locks.
  
  Revision  Changes    Path
  1.11      +9 -78     httpd-2.0/modules/ssl/mod_ssl.h
  
  Index: mod_ssl.h
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/mod_ssl.h,v
  retrieving revision 1.10
  retrieving revision 1.11
  diff -u -r1.10 -r1.11
  --- mod_ssl.h	2001/05/05 16:55:28	1.10
  +++ mod_ssl.h	2001/05/05 19:09:37	1.11
  @@ -227,65 +227,6 @@
   #endif
   
   /*
  - * Support for file locking: Try to determine whether we should use fcntl() or
  - * flock().  Would be better ap_config.h could provide this... :-(
  -  */
  -#if defined(USE_FCNTL_SERIALIZED_ACCEPT)
  -#define SSL_USE_FCNTL 1
  -#include <fcntl.h>
  -#endif
  -#if defined(USE_FLOCK_SERIALIZED_ACCEPT)
  -#define SSL_USE_FLOCK 1
  -#include <sys/file.h>
  -#endif
  -#if !defined(SSL_USE_FCNTL) && !defined(SSL_USE_FLOCK)
  -#define SSL_USE_FLOCK 1
  -#if !defined(MPE)
  -#include <sys/file.h>
  -#endif
  -#ifndef LOCK_UN
  -#undef SSL_USE_FLOCK
  -#define SSL_USE_FCNTL 1
  -#include <fcntl.h>
  -#endif
  -#endif
  -#ifdef AIX
  -#undef SSL_USE_FLOCK
  -#define SSL_USE_FCNTL 1
  -#include <fcntl.h>
  -#endif
  -
  -/*
  - * Support for Mutex
  - */
  -#define SSL_MUTEX_LOCK_MODE ( S_IRUSR|S_IWUSR )
  -#if defined(USE_SYSVSEM_SERIALIZED_ACCEPT) ||\
  -    (defined(__FreeBSD__) && defined(__FreeBSD_version) &&\
  -     __FreeBSD_version >= 300000) ||\
  -    (defined(LINUX) && defined(__GLIBC__) && defined(__GLIBC_MINOR__) &&\
  -     LINUX >= 2 && __GLIBC__ >= 2 && __GLIBC_MINOR__ >= 1) ||\
  -    defined(SOLARIS2) || defined(__hpux) ||\
  -    (defined (__digital__) && defined (__unix__))
  -#define SSL_CAN_USE_SEM
  -#define SSL_HAVE_IPCSEM
  -#include <sys/types.h>
  -#include <sys/ipc.h>
  -#include <sys/sem.h>
  -/* 
  - * Some platforms have a `union semun' pre-defined but Single Unix
  - * Specification (SUSv2) says in semctl(2): `If required, it is of
  - * type union semun, which the application program must explicitly
  - * declare'. So we define it always ourself to avoid problems (but under
  - * a different name to avoid a namespace clash).
  - */
  -union ssl_ipc_semun {
  -    long val;
  -    struct semid_ds *buf;
  -    unsigned short int *array;
  -};
  -#endif
  -
  -/*
    * Support for MM library
    */
   #define SSL_MM_FILE_MODE ( S_IRUSR|S_IWUSR )
  @@ -430,8 +371,7 @@
   typedef enum {
       SSL_MUTEXMODE_UNSET  = UNSET,
       SSL_MUTEXMODE_NONE   = 0,
  -    SSL_MUTEXMODE_FILE   = 1,
  -    SSL_MUTEXMODE_SEM    = 2
  +    SSL_MUTEXMODE_USED   = 1
   } ssl_mutexmode_t;
   
   /*
  @@ -488,8 +428,7 @@
       table_t        *tSessionCacheDataTable;
       ssl_mutexmode_t nMutexMode;
       char           *szMutexFile;
  -    int             nMutexFD;
  -    int             nMutexSEMID;
  +    apr_lock_t     *pMutex;
       array_header   *aRandSeed;
       ssl_ds_table   *tTmpKeys;
       void           *pTmpKeys[SSL_TKPIDX_MAX];
  @@ -710,21 +649,13 @@
   void          ssl_ds_table_kill(ssl_ds_table *);
   
   /*  Mutex Support  */
  -void         ssl_mutex_init(server_rec *, pool *);
  -void         ssl_mutex_reinit(server_rec *, pool *);
  -void         ssl_mutex_on(server_rec *);
  -void         ssl_mutex_off(server_rec *);
  -void         ssl_mutex_kill(server_rec *s);
  -void         ssl_mutex_file_create(server_rec *, pool *);
  -void         ssl_mutex_file_open(server_rec *, pool *);
  -void         ssl_mutex_file_remove(void *);
  -BOOL         ssl_mutex_file_acquire(void);
  -BOOL         ssl_mutex_file_release(void);
  -void         ssl_mutex_sem_create(server_rec *, pool *);
  -void         ssl_mutex_sem_open(server_rec *, pool *);
  -void         ssl_mutex_sem_remove(void *);
  -BOOL         ssl_mutex_sem_acquire(void);
  -BOOL         ssl_mutex_sem_release(void);
  +#endif /* XXX */
  +int          ssl_mutex_init(server_rec *, apr_pool_t *);
  +int          ssl_mutex_reinit(server_rec *, apr_pool_t *);
  +int          ssl_mutex_on(server_rec *);
  +int          ssl_mutex_off(server_rec *);
  +int          ssl_mutex_kill(server_rec *);
  +#if 0 /* XXX */
   
   /*  Logfile Support  */
   void         ssl_log_open(server_rec *, server_rec *, pool *);
  
  
  
  1.10      +6 -10     httpd-2.0/modules/ssl/ssl_engine_config.c
  
  Index: ssl_engine_config.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_config.c,v
  retrieving revision 1.9
  retrieving revision 1.10
  diff -u -r1.9 -r1.10
  --- ssl_engine_config.c	2001/05/05 16:55:28	1.9
  +++ ssl_engine_config.c	2001/05/05 19:09:37	1.10
  @@ -96,8 +96,7 @@
           mc->tSessionCacheDataTable = NULL;
           mc->nMutexMode             = SSL_MUTEXMODE_UNSET;
           mc->szMutexFile            = NULL;
  -        mc->nMutexFD               = -1;
  -        mc->nMutexSEMID            = -1;
  +        mc->pMutex                 = NULL;
           mc->aRandSeed              = ap_make_array(pPool, 4, sizeof(ssl_randseed_t));
           mc->tPrivateKey            = ssl_ds_table_make(pPool, sizeof(ssl_asn1_t));
           mc->tPublicCert            = ssl_ds_table_make(pPool, sizeof(ssl_asn1_t));
  @@ -324,21 +323,18 @@
           return err;
       if (ssl_config_global_isfixed())
           return NULL;
  -    if (strcEQ(arg, "none")) {
  +    if (strcEQ(arg, "none") || strcEQ(arg, "no")) {
           mc->nMutexMode  = SSL_MUTEXMODE_NONE;
       }
       else if (strlen(arg) > 5 && strcEQn(arg, "file:", 5)) {
  -        mc->nMutexMode  = SSL_MUTEXMODE_FILE;
  +        mc->nMutexMode  = SSL_MUTEXMODE_USED;
           mc->szMutexFile = ap_psprintf(mc->pPool, "%s.%lu",
                                         ap_server_root_relative(cmd->pool, "mutex", arg+5),
                                         (unsigned long)getpid());
       }
  -    else if (strcEQ(arg, "sem")) {
  -#ifdef SSL_CAN_USE_SEM
  -        mc->nMutexMode  = SSL_MUTEXMODE_SEM;
  -#else
  -        return "SSLMutex: Semaphores not available on this platform";
  -#endif
  +    else if (strcEQ(arg, "sem") || strcEQ(arg, "yes")) {
  +        mc->nMutexMode  = SSL_MUTEXMODE_USED;
  +        mc->szMutexFile = NULL; /* APR determines temporary filename */
       }
       else
           return "SSLMutex: Invalid argument";
  
  
  
  1.5       +28 -286   httpd-2.0/modules/ssl/ssl_engine_mutex.c
  
  Index: ssl_engine_mutex.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_mutex.c,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- ssl_engine_mutex.c	2001/05/05 16:35:17	1.4
  +++ ssl_engine_mutex.c	2001/05/05 19:09:37	1.5
  @@ -64,322 +64,64 @@
   
   #if 0 /* XXX */
   
  -/*  _________________________________________________________________
  -**
  -**  Mutex Support (Common)
  -**  _________________________________________________________________
  -*/
  -
  -void ssl_mutex_init(server_rec *s, pool *p)
  +int ssl_mutex_init(server_rec *s, apr_pool_t *p)
   {
       SSLModConfigRec *mc = myModConfig();
   
  -    if (mc->nMutexMode == SSL_MUTEXMODE_FILE)
  -        ssl_mutex_file_create(s, p);
  -    else if (mc->nMutexMode == SSL_MUTEXMODE_SEM)
  -        ssl_mutex_sem_create(s, p);
  -    return;
  +    if (mc->nMutexMode == SSL_MUTEXMODE_NONE) 
  +        return TRUE;
  +    if (apr_lock_create(&mc->pMutex, APR_MUTEX, APR_LOCKALL, 
  +                        mc->szMutexFile, p) != APR_SUCCESS)
  +        return FALSE;
  +    return TRUE;
   }
   
  -void ssl_mutex_reinit(server_rec *s, pool *p)
  +int ssl_mutex_reinit(server_rec *s, apr_pool_t *p)
   {
       SSLModConfigRec *mc = myModConfig();
   
  -    if (mc->nMutexMode == SSL_MUTEXMODE_FILE)
  -        ssl_mutex_file_open(s, p);
  -    else if (mc->nMutexMode == SSL_MUTEXMODE_SEM)
  -        ssl_mutex_sem_open(s, p);
  -    return;
  +    if (mc->nMutexMode == SSL_MUTEXMODE_NONE)
  +        return TRUE;
  +    if (apr_lock_child_init(&mc->pMutex, mc->szMutexFile, p) != APR_SUCCESS)
  +        return FALSE;
  +    return TRUE;
   }
   
  -void ssl_mutex_on(server_rec *s)
  +int ssl_mutex_on(server_rec *s)
   {
       SSLModConfigRec *mc = myModConfig();
  -    BOOL ok = TRUE;
   
  -    if (mc->nMutexMode == SSL_MUTEXMODE_FILE)
  -        ok = ssl_mutex_file_acquire();
  -    else if (mc->nMutexMode == SSL_MUTEXMODE_SEM)
  -        ok = ssl_mutex_sem_acquire();
  -    if (!ok)
  +    if (mc->nMutexMode == SSL_MUTEXMODE_NONE)
  +        return TRUE;
  +    if (apr_lock_acquire(mc->pMutex) != APR_SUCCESS) {
           ssl_log(s, SSL_LOG_WARN, "Failed to acquire global mutex lock");
  -    return;
  -}
  -
  -void ssl_mutex_off(server_rec *s)
  -{
  -    SSLModConfigRec *mc = myModConfig();
  -    BOOL ok = TRUE;
  -
  -    if (mc->nMutexMode == SSL_MUTEXMODE_FILE)
  -        ok = ssl_mutex_file_release();
  -    else if (mc->nMutexMode == SSL_MUTEXMODE_SEM)
  -        ok = ssl_mutex_sem_release();
  -    if (!ok)
  -        ssl_log(s, SSL_LOG_WARN, "Failed to release global mutex lock");
  -    return;
  -}
  -
  -void ssl_mutex_kill(server_rec *s)
  -{
  -    SSLModConfigRec *mc = myModConfig();
  -
  -    if (mc->nMutexMode == SSL_MUTEXMODE_FILE)
  -        ssl_mutex_file_remove(s);
  -    else if (mc->nMutexMode == SSL_MUTEXMODE_SEM)
  -        ssl_mutex_sem_remove(s);
  -    return;
  -}
  -
  -
  -/*  _________________________________________________________________
  -**
  -**  Mutex Support (Lockfile)
  -**  _________________________________________________________________
  -*/
  -
  -void ssl_mutex_file_create(server_rec *s, pool *p)
  -{
  -    SSLModConfigRec *mc = myModConfig();
  -
  -    /* create the lockfile */
  -    unlink(mc->szMutexFile);
  -    if ((mc->nMutexFD = ap_popenf(p, mc->szMutexFile,
  -                                  O_WRONLY|O_CREAT, SSL_MUTEX_LOCK_MODE)) < 0) {
  -        ssl_log(s, SSL_LOG_ERROR|SSL_ADD_ERRNO,
  -                "Parent process could not create SSLMutex lockfile %s",
  -                mc->szMutexFile);
  -        ssl_die();
  -    }
  -    ap_pclosef(p, mc->nMutexFD);
  -
  -    /* make sure the childs have access to this file */
  -#ifndef OS2
  -    if (geteuid() == 0 /* is superuser */)
  -        chown(mc->szMutexFile, ap_user_id, -1 /* no gid change */);
  -#endif
  -
  -    /* open the lockfile for real */
  -    if ((mc->nMutexFD = ap_popenf(p, mc->szMutexFile,
  -                                  O_WRONLY, SSL_MUTEX_LOCK_MODE)) < 0) {
  -        ssl_log(s, SSL_LOG_ERROR|SSL_ADD_ERRNO,
  -                "Parent could not open SSLMutex lockfile %s",
  -                mc->szMutexFile);
  -        ssl_die();
  -    }
  -    return;
  -}
  -
  -void ssl_mutex_file_open(server_rec *s, pool *p)
  -{
  -    SSLModConfigRec *mc = myModConfig();
  -
  -    /* open the lockfile (once per child) to get a unique fd */
  -    if ((mc->nMutexFD = ap_popenf(p, mc->szMutexFile,
  -                                  O_WRONLY, SSL_MUTEX_LOCK_MODE)) < 0) {
  -        ssl_log(s, SSL_LOG_ERROR|SSL_ADD_ERRNO,
  -                "Child could not open SSLMutex lockfile %s",
  -                mc->szMutexFile);
  -        ssl_die();
  +        return FALSE;
       }
  -    return;
  -}
  -
  -void ssl_mutex_file_remove(void *data)
  -{
  -    SSLModConfigRec *mc = myModConfig();
  -
  -    /* remove the mutex lockfile */
  -    unlink(mc->szMutexFile);
  -    return;
  +    return TRUE;
   }
  -
  -#ifdef SSL_USE_FCNTL
  -static struct flock   lock_it;
  -static struct flock unlock_it;
  -#endif
   
  -BOOL ssl_mutex_file_acquire(void)
  +int ssl_mutex_off(server_rec *s)
   {
  -    int rc = -1;
       SSLModConfigRec *mc = myModConfig();
   
  -#ifdef SSL_USE_FCNTL
  -    lock_it.l_whence = SEEK_SET; /* from current point */
  -    lock_it.l_start  = 0;        /* -"- */
  -    lock_it.l_len    = 0;        /* until end of file */
  -    lock_it.l_type   = F_WRLCK;  /* set exclusive/write lock */
  -    lock_it.l_pid    = 0;        /* pid not actually interesting */
  -
  -    while (   ((rc = fcntl(mc->nMutexFD, F_SETLKW, &lock_it)) < 0)
  -           && (errno == EINTR)                                    ) 
  -        ;
  -#endif
  -#ifdef SSL_USE_FLOCK
  -    while (   ((rc = flock(mc->nMutexFD, LOCK_EX)) < 0)
  -           && (errno == EINTR)                         )
  -        ;
  -#endif
  -
  -    if (rc < 0)
  -        return FALSE;
  -    else
  +    if (mc->nMutexMode == SSL_MUTEXMODE_NONE)
           return TRUE;
  -}
  -
  -BOOL ssl_mutex_file_release(void)
  -{
  -    int rc = -1;
  -    SSLModConfigRec *mc = myModConfig();
  -
  -#ifdef SSL_USE_FCNTL
  -    unlock_it.l_whence = SEEK_SET; /* from current point */
  -    unlock_it.l_start  = 0;        /* -"- */
  -    unlock_it.l_len    = 0;        /* until end of file */
  -    unlock_it.l_type   = F_UNLCK;  /* unlock */
  -    unlock_it.l_pid    = 0;        /* pid not actually interesting */
  -
  -    while (   (rc = fcntl(mc->nMutexFD, F_SETLKW, &unlock_it)) < 0
  -           && (errno == EINTR)                                    )
  -        ;
  -#endif
  -#ifdef SSL_USE_FLOCK
  -    while (   (rc = flock(mc->nMutexFD, LOCK_UN)) < 0
  -           && (errno == EINTR)                       ) 
  -        ;
  -#endif
  -
  -    if (rc < 0)
  +    if (apr_lock_release(mc->pMutex) != APR_SUCCESS) {
  +        ssl_log(s, SSL_LOG_WARN, "Failed to release global mutex lock");
           return FALSE;
  -    else
  -        return TRUE;
  -}
  -
  -/*  _________________________________________________________________
  -**
  -**  Mutex Support (Process Semaphore)
  -**  _________________________________________________________________
  -*/
  -
  -void ssl_mutex_sem_create(server_rec *s, pool *p)
  -{
  -#ifdef SSL_CAN_USE_SEM
  -    int semid;
  -    SSLModConfigRec *mc = myModConfig();
  -#ifdef SSL_HAVE_IPCSEM
  -    union ssl_ipc_semun semctlarg;
  -    struct semid_ds semctlbuf;
  -#endif
  -
  -#ifdef SSL_HAVE_IPCSEM
  -    semid = semget(IPC_PRIVATE, 1, IPC_CREAT|IPC_EXCL|S_IRUSR|S_IWUSR);
  -    if (semid == -1 && errno == EEXIST)
  -        semid = semget(IPC_PRIVATE, 1, IPC_EXCL|S_IRUSR|S_IWUSR);
  -    if (semid == -1) {
  -        ssl_log(s, SSL_LOG_ERROR|SSL_ADD_ERRNO,
  -                "Parent process could not create private SSLMutex semaphore");
  -        ssl_die();
  -    }
  -    semctlarg.val = 0;
  -    if (semctl(semid, 0, SETVAL, semctlarg) < 0) {
  -        ssl_log(s, SSL_LOG_ERROR|SSL_ADD_ERRNO,
  -                "Parent process could not initialize SSLMutex semaphore value");
  -        ssl_die();
  -    }
  -    semctlbuf.sem_perm.uid  = ap_user_id;
  -    semctlbuf.sem_perm.gid  = ap_group_id;
  -    semctlbuf.sem_perm.mode = 0660;
  -    semctlarg.buf = &semctlbuf;
  -    if (semctl(semid, 0, IPC_SET, semctlarg) < 0) {
  -        ssl_log(s, SSL_LOG_ERROR|SSL_ADD_ERRNO,
  -                "Parent process could not set permissions for SSLMutex semaphore");
  -        ssl_die();
       }
  -#endif
  -#ifdef SSL_HAVE_W32SEM
  -    semid = (int)ap_create_mutex("mod_ssl_mutex");
  -#endif
  -    mc->nMutexSEMID = semid;
  -#endif
  -    return;
  +    return TRUE;
   }
   
  -void ssl_mutex_sem_open(server_rec *s, pool *p)
  +int ssl_mutex_kill(server_rec *s)
   {
  -#ifdef SSL_CAN_USE_SEM
  -#ifdef SSL_HAVE_W32SEM
       SSLModConfigRec *mc = myModConfig();
   
  -    mc->nMutexSEMID = (int)ap_open_mutex("mod_ssl_mutex");
  -#endif
  -#endif
  -    return;
  -}
  -
  -void ssl_mutex_sem_remove(void *data)
  -{
  -#ifdef SSL_CAN_USE_SEM
  -    SSLModConfigRec *mc = myModConfig();
  -
  -#ifdef SSL_HAVE_IPCSEM
  -    semctl(mc->nMutexSEMID, 0, IPC_RMID, 0);
  -#endif
  -#ifdef SSL_HAVE_W32SEM
  -    ap_destroy_mutex((mutex *)mc->nMutexSEMID);
  -#endif
  -#endif
  -    return;
  -}
  -
  -BOOL ssl_mutex_sem_acquire(void)
  -{
  -    int rc = 0;
  -#ifdef SSL_CAN_USE_SEM
  -    SSLModConfigRec *mc = myModConfig();
  -
  -#ifdef SSL_HAVE_IPCSEM
  -    struct sembuf sb[] = {
  -        { 0, 0, 0 },       /* wait for semaphore */
  -        { 0, 1, SEM_UNDO } /* increment semaphore */
  -    };
  -
  -    while (   (rc = semop(mc->nMutexSEMID, sb, 2)) < 0
  -           && (errno == EINTR)                        ) 
  -        ;
  -#endif
  -#ifdef SSL_HAVE_W32SEM
  -    rc = ap_acquire_mutex((mutex *)mc->nMutexSEMID);
  -#endif
  -#endif
  -    if (rc != 0)
  -        return FALSE;
  -    else
  +    if (mc->nMutexMode == SSL_MUTEXMODE_NONE)
           return TRUE;
  -}
  -
  -BOOL ssl_mutex_sem_release(void)
  -{
  -    int rc = 0;
  -#ifdef SSL_CAN_USE_SEM
  -    SSLModConfigRec *mc = myModConfig();
  -
  -#ifdef SSL_HAVE_IPCSEM
  -    struct sembuf sb[] = {
  -        { 0, -1, SEM_UNDO } /* decrements semaphore */
  -    };
  -
  -    while (   (rc = semop(mc->nMutexSEMID, sb, 1)) < 0 
  -           && (errno == EINTR)                        ) 
  -        ;
  -#endif
  -#ifdef SSL_HAVE_W32SEM
  -    rc = ap_release_mutex((mutex *)mc->nMutexSEMID);
  -#endif
  -#endif
  -    if (rc != 0)
  +    if (apr_lock_destroy(mc->pMutex) != APR_SUCCESS)
           return FALSE;
  -    else
  -        return TRUE;
  +    return TRUE;
   }
   
   #endif /* XXX */
  
  
  

Mime
View raw message