Return-Path: Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org Received: (qmail 85870 invoked by uid 500); 11 Mar 2003 06:40:46 -0000 Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list cvs@httpd.apache.org Received: (qmail 85859 invoked by uid 500); 11 Mar 2003 06:40:46 -0000 Delivered-To: apmail-httpd-2.0-cvs@apache.org Date: 11 Mar 2003 06:40:44 -0000 Message-ID: <20030311064044.92694.qmail@icarus.apache.org> From: wrowe@apache.org To: httpd-2.0-cvs@apache.org Subject: cvs commit: httpd-2.0/modules/ssl mod_ssl.c mod_ssl.h ssl_engine_config.c ssl_engine_mutex.c X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N wrowe 2003/03/10 22:40:44 Modified: . Tag: APACHE_2_0_BRANCH CHANGES STATUS modules/ssl Tag: APACHE_2_0_BRANCH mod_ssl.c mod_ssl.h ssl_engine_config.c ssl_engine_mutex.c Log: Backport the accepted patch to honor alternate SSLMutex flavors, just as we do for AcceptMutex (hint: shared code could be optimized here, but this is the patch tested and accepted by the list.) Revision Changes Path No revision No revision 1.988.2.58 +5 -0 httpd-2.0/CHANGES Index: CHANGES =================================================================== RCS file: /home/cvs/httpd-2.0/CHANGES,v retrieving revision 1.988.2.57 retrieving revision 1.988.2.58 diff -u -r1.988.2.57 -r1.988.2.58 --- CHANGES 9 Mar 2003 16:58:15 -0000 1.988.2.57 +++ CHANGES 11 Mar 2003 06:40:40 -0000 1.988.2.58 @@ -1,5 +1,10 @@ Changes with Apache 2.0.45 + *) Allow SSLMutex to select/use the full range of APR locking + mechanisms available to it. Also, fix the bug that SSLMutex uses + APR_LOCK_DEFAULT no matter what. PR 8122 [Jim Jagielski, + martin.t.kutschker@blackbox.net (Martin Kutschker)] + *) Restore the ability of htdigest.exe to create files that contain more than one user. PR 12910. [Andr� Malo] 1.751.2.168 +1 -10 httpd-2.0/STATUS Index: STATUS =================================================================== RCS file: /home/cvs/httpd-2.0/STATUS,v retrieving revision 1.751.2.167 retrieving revision 1.751.2.168 diff -u -r1.751.2.167 -r1.751.2.168 --- STATUS 10 Mar 2003 23:50:18 -0000 1.751.2.167 +++ STATUS 11 Mar 2003 06:40:41 -0000 1.751.2.168 @@ -84,15 +84,6 @@ (lacking knowledge), sorry. -1: - * Fix SSLMutex bogusness where right now it always uses APR_LOCK_DEFAULT. - Allow SSLMutex to choose any APR locking mechanism, ala AcceptMutex. - modules/ssl/mod_ssl.c r1.78 - modules/ssl/mod_ssl.h r1.125 - modules/ssl/ssl_engine_config.c r1.73 - modules/ssl/ssl_engine_mutex.c r1.19 - +1: jim, wrowe, stoddard, trawick - -1: - * Rewrite how proxy sends its request to allow input bodies to morph the request bodies. Previously, if an input filter changed the request body, the original C-L would be sent which No revision No revision 1.74.2.3 +26 -3 httpd-2.0/modules/ssl/mod_ssl.c Index: mod_ssl.c =================================================================== RCS file: /home/cvs/httpd-2.0/modules/ssl/mod_ssl.c,v retrieving revision 1.74.2.2 retrieving revision 1.74.2.3 diff -u -r1.74.2.2 -r1.74.2.3 --- mod_ssl.c 3 Feb 2003 17:31:51 -0000 1.74.2.2 +++ mod_ssl.c 11 Mar 2003 06:40:43 -0000 1.74.2.3 @@ -79,13 +79,36 @@ #define AP_END_CMD { NULL } +const char ssl_valid_ssl_mutex_string[] = + "Valid SSLMutex mechanisms are: `none', `default'" +#if APR_HAS_FLOCK_SERIALIZE + ", `flock:/path/to/file'" +#endif +#if APR_HAS_FCNTL_SERIALIZE + ", `fcntl:/path/to/file'" +#endif +#if APR_HAS_SYSVSEM_SERIALIZE && !defined(PERCHILD_MPM) + ", `sysvsem'" +#endif +#if APR_HAS_POSIXSEM_SERIALIZE + ", `posixsem'" +#endif +#if APR_HAS_PROC_PTHREAD_SERIALIZE + ", `pthread'" +#endif +#if APR_HAS_FLOCK_SERIALIZE || APR_HAS_FCNTL_SERIALIZE + ", `file:/path/to/file'" +#endif +#if (APR_HAS_SYSVSEM_SERIALIZE && !defined(PERCHILD_MPM)) || APR_HAS_POSIXSEM_SERIALIZE + ", `sem'" +#endif + " "; + static const command_rec ssl_config_cmds[] = { /* * Global (main-server) context configuration directives */ - SSL_CMD_SRV(Mutex, TAKE1, - "SSL lock for handling internal mutual exclusions " - "(`none', `file:/path/to/file')") + SSL_CMD_SRV(Mutex, TAKE1, ssl_valid_ssl_mutex_string) SSL_CMD_SRV(PassPhraseDialog, TAKE1, "SSL dialog mechanism for the pass phrase query " "(`builtin', `|/path/to/pipe_program`, " 1.122.2.2 +4 -0 httpd-2.0/modules/ssl/mod_ssl.h Index: mod_ssl.h =================================================================== RCS file: /home/cvs/httpd-2.0/modules/ssl/mod_ssl.h,v retrieving revision 1.122.2.1 retrieving revision 1.122.2.2 diff -u -r1.122.2.1 -r1.122.2.2 --- mod_ssl.h 3 Feb 2003 17:31:52 -0000 1.122.2.1 +++ mod_ssl.h 11 Mar 2003 06:40:44 -0000 1.122.2.2 @@ -420,6 +420,7 @@ apr_rmm_t *pSessionCacheDataRMM; apr_table_t *tSessionCacheDataTable; ssl_mutexmode_t nMutexMode; + apr_lockmech_e nMutexMech; const char *szMutexFile; apr_global_mutex_t *pMutex; apr_array_header_t *aRandSeed; @@ -528,6 +529,9 @@ /* API glue structures */ extern module AP_MODULE_DECLARE_DATA ssl_module; + +/* "global" stuff */ +extern const char ssl_valid_ssl_mutex_string[]; /* configuration handling */ SSLModConfigRec *ssl_config_global_create(server_rec *); 1.70.2.2 +72 -2 httpd-2.0/modules/ssl/ssl_engine_config.c Index: ssl_engine_config.c =================================================================== RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_config.c,v retrieving revision 1.70.2.1 retrieving revision 1.70.2.2 diff -u -r1.70.2.1 -r1.70.2.2 --- ssl_engine_config.c 3 Feb 2003 17:31:52 -0000 1.70.2.1 +++ ssl_engine_config.c 11 Mar 2003 06:40:44 -0000 1.70.2.2 @@ -99,6 +99,7 @@ mc->pSessionCacheDataRMM = NULL; mc->tSessionCacheDataTable = NULL; mc->nMutexMode = SSL_MUTEXMODE_UNSET; + mc->nMutexMech = APR_LOCK_DEFAULT; mc->szMutexFile = NULL; mc->pMutex = NULL; mc->aRandSeed = apr_array_make(pool, 4, @@ -383,6 +384,60 @@ if (strcEQ(arg, "none") || strcEQ(arg, "no")) { mc->nMutexMode = SSL_MUTEXMODE_NONE; } + /* NOTE: previously, 'yes' implied 'sem' */ + else if (strcEQ(arg, "default") || strcEQ(arg, "yes")) { + mc->nMutexMode = SSL_MUTEXMODE_USED; + mc->nMutexMech = APR_LOCK_DEFAULT; + mc->szMutexFile = NULL; /* APR determines temporary filename */ + } +#if APR_HAS_FLOCK_SERIALIZE + else if (strlen(arg) > 6 && strcEQn(arg, "flock:", 6)) { + const char *file = ap_server_root_relative(cmd->pool, arg+6); + if (!file) { + return apr_pstrcat(cmd->pool, "Invalid SSLMutex flock: path ", + arg+6, NULL); + } + mc->nMutexMode = SSL_MUTEXMODE_USED; + mc->nMutexMech = APR_LOCK_FLOCK; + mc->szMutexFile = apr_psprintf(mc->pPool, "%s.%lu", + file, (unsigned long)getpid()); + } +#endif +#if APR_HAS_FCNTL_SERIALIZE + else if (strlen(arg) > 6 && strcEQn(arg, "fcntl:", 6)) { + const char *file = ap_server_root_relative(cmd->pool, arg+6); + if (!file) { + return apr_pstrcat(cmd->pool, "Invalid SSLMutex fcntl: path ", + arg+6, NULL); + } + mc->nMutexMode = SSL_MUTEXMODE_USED; + mc->nMutexMech = APR_LOCK_FCNTL; + mc->szMutexFile = apr_psprintf(mc->pPool, "%s.%lu", + file, (unsigned long)getpid()); + } +#endif +#if APR_HAS_SYSVSEM_SERIALIZE && !defined(PERCHILD_MPM) + else if (strcEQ(arg, "sysvsem")) { + mc->nMutexMode = SSL_MUTEXMODE_USED; + mc->nMutexMech = APR_LOCK_SYSVSEM; + mc->szMutexFile = NULL; /* APR determines temporary filename */ + } +#endif +#if APR_HAS_POSIXSEM_SERIALIZE + else if (strcEQ(arg, "posixsem")) { + mc->nMutexMode = SSL_MUTEXMODE_USED; + mc->nMutexMech = APR_LOCK_POSIXSEM; + mc->szMutexFile = NULL; /* APR determines temporary filename */ + } +#endif +#if APR_HAS_PROC_PTHREAD_SERIALIZE + else if (strcEQ(arg, "pthread")) { + mc->nMutexMode = SSL_MUTEXMODE_USED; + mc->nMutexMech = APR_LOCK_PROC_PTHREAD; + mc->szMutexFile = NULL; /* APR determines temporary filename */ + } +#endif +#if APR_HAS_FLOCK_SERIALIZE || APR_HAS_FCNTL_SERIALIZE else if (strlen(arg) > 5 && strcEQn(arg, "file:", 5)) { const char *file = ap_server_root_relative(cmd->pool, arg+5); if (!file) { @@ -390,17 +445,32 @@ arg+5, NULL); } mc->nMutexMode = SSL_MUTEXMODE_USED; +#if APR_HAS_FLOCK_SERIALIZE + mc->nMutexMech = APR_LOCK_FLOCK; +#endif +#if APR_HAS_FCNTL_SERIALIZE + mc->nMutexMech = APR_LOCK_FCNTL; +#endif mc->szMutexFile = apr_psprintf(mc->pPool, "%s.%lu", file, (unsigned long)getpid()); } - else if (strcEQ(arg, "sem") || strcEQ(arg, "yes")) { +#endif +#if (APR_HAS_SYSVSEM_SERIALIZE && !defined(PERCHILD_MPM)) || APR_HAS_POSIXSEM_SERIALIZE + else if (strcEQ(arg, "sem")) { mc->nMutexMode = SSL_MUTEXMODE_USED; +#if APR_HAS_SYSVSEM_SERIALIZE && !defined(PERCHILD_MPM) + mc->nMutexMech = APR_LOCK_SYSVSEM; +#endif +#if APR_HAS_POSIXSEM_SERIALIZE + mc->nMutexMech = APR_LOCK_POSIXSEM; +#endif mc->szMutexFile = NULL; /* APR determines temporary filename */ } +#endif else { return apr_pstrcat(cmd->pool, "Invalid SSLMutex argument ", - arg, NULL); + arg, " (", ssl_valid_ssl_mutex_string, ")", NULL); } return NULL; 1.17.2.2 +18 -5 httpd-2.0/modules/ssl/ssl_engine_mutex.c Index: ssl_engine_mutex.c =================================================================== RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_mutex.c,v retrieving revision 1.17.2.1 retrieving revision 1.17.2.2 diff -u -r1.17.2.1 -r1.17.2.2 --- ssl_engine_mutex.c 3 Feb 2003 17:31:53 -0000 1.17.2.1 +++ ssl_engine_mutex.c 11 Mar 2003 06:40:44 -0000 1.17.2.2 @@ -75,9 +75,13 @@ if ((rv = apr_global_mutex_create(&mc->pMutex, mc->szMutexFile, APR_LOCK_DEFAULT, p)) != APR_SUCCESS) { - ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, - "Cannot create SSLMutex file `%s'", - mc->szMutexFile); + if (mc->szMutexFile) + ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, + "Cannot create SSLMutex with file `%s'", + mc->szMutexFile); + else + ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, + "Cannot create SSLMutex"); return FALSE; } @@ -96,13 +100,22 @@ int ssl_mutex_reinit(server_rec *s, apr_pool_t *p) { SSLModConfigRec *mc = myModConfig(s); + apr_status_t rv; if (mc->nMutexMode == SSL_MUTEXMODE_NONE) return TRUE; - if (apr_global_mutex_child_init(&mc->pMutex, - mc->szMutexFile, p) != APR_SUCCESS) + if ((rv = apr_global_mutex_child_init(&mc->pMutex, + mc->szMutexFile, p)) != APR_SUCCESS) { + if (mc->szMutexFile) + ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, + "Cannot reinit SSLMutex with file `%s'", + mc->szMutexFile); + else + ap_log_error(APLOG_MARK, APLOG_WARNING, rv, s, + "Cannot reinit SSLMutex"); return FALSE; + } return TRUE; }