Return-Path: Delivered-To: apmail-httpd-cvs-archive@www.apache.org Received: (qmail 21537 invoked from network); 21 Aug 2008 04:21:15 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 21 Aug 2008 04:21:15 -0000 Received: (qmail 85956 invoked by uid 500); 21 Aug 2008 04:21:13 -0000 Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org Received: (qmail 85905 invoked by uid 500); 21 Aug 2008 04:21:13 -0000 Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list cvs@httpd.apache.org Received: (qmail 85896 invoked by uid 99); 21 Aug 2008 04:21:13 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 20 Aug 2008 21:21:13 -0700 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 21 Aug 2008 04:20:24 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id ED3192388961; Wed, 20 Aug 2008 21:20:23 -0700 (PDT) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r687550 - in /httpd/httpd/trunk: CHANGES modules/ssl/ssl_engine_init.c modules/ssl/ssl_private.h modules/ssl/ssl_util.c Date: Thu, 21 Aug 2008 04:20:23 -0000 To: cvs@httpd.apache.org From: sctemme@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20080821042023.ED3192388961@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: sctemme Date: Wed Aug 20 21:20:21 2008 New Revision: 687550 URL: http://svn.apache.org/viewvc?rev=687550&view=rev Log: Implement dynamic mutex callbacks for the benefit of OpenSSL. Modified: httpd/httpd/trunk/CHANGES httpd/httpd/trunk/modules/ssl/ssl_engine_init.c httpd/httpd/trunk/modules/ssl/ssl_private.h httpd/httpd/trunk/modules/ssl/ssl_util.c Modified: httpd/httpd/trunk/CHANGES URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=687550&r1=687549&r2=687550&view=diff ============================================================================== --- httpd/httpd/trunk/CHANGES [utf-8] (original) +++ httpd/httpd/trunk/CHANGES [utf-8] Wed Aug 20 21:20:21 2008 @@ -2,6 +2,9 @@ Changes with Apache 2.3.0 [ When backported to 2.2.x, remove entry from this file ] + *) mod_ssl: implement dynamic mutex callbacks for the benefit of + OpenSSL. [Sander Temme] + *) mod_proxy_http: Introduce environment variable proxy-initial-not-pooled to avoid reusing pooled connections if the client connection is an initial connection. PR 37770. [Ruediger Pluem] Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_init.c URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_init.c?rev=687550&r1=687549&r2=687550&view=diff ============================================================================== --- httpd/httpd/trunk/modules/ssl/ssl_engine_init.c (original) +++ httpd/httpd/trunk/modules/ssl/ssl_engine_init.c Wed Aug 20 21:20:21 2008 @@ -321,6 +321,9 @@ ssl_log_ssl_error(APLOG_MARK, APLOG_ERR, s); ssl_die(); } + ap_log_error(APLOG_MARK, APLOG_INFO, 0, s, + "Init: loaded Crypto Device API `%s'", + mc->szCryptoDevice); ENGINE_free(e); } Modified: httpd/httpd/trunk/modules/ssl/ssl_private.h URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_private.h?rev=687550&r1=687549&r2=687550&view=diff ============================================================================== --- httpd/httpd/trunk/modules/ssl/ssl_private.h (original) +++ httpd/httpd/trunk/modules/ssl/ssl_private.h Wed Aug 20 21:20:21 2008 @@ -463,6 +463,16 @@ } SSLDirConfigRec; /** + * Dynamic lock structure + */ +struct CRYPTO_dynlock_value { + apr_pool_t *pool; + const char* file; + int line; + apr_thread_mutex_t *mutex; +}; + +/** * function prototypes */ Modified: httpd/httpd/trunk/modules/ssl/ssl_util.c URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_util.c?rev=687550&r1=687549&r2=687550&view=diff ============================================================================== --- httpd/httpd/trunk/modules/ssl/ssl_util.c (original) +++ httpd/httpd/trunk/modules/ssl/ssl_util.c Wed Aug 20 21:20:21 2008 @@ -351,6 +351,106 @@ } } +/* Global reference to the pool passed into ssl_util_thread_setup() */ +apr_pool_t *dynlockpool = NULL; + +/* + * Dynamic lock creation callback + */ +static struct CRYPTO_dynlock_value *ssl_dyn_create_function(const char *file, + int line) +{ + struct CRYPTO_dynlock_value *value; + apr_pool_t *p; + apr_status_t rv; + + /* + * We need a pool to allocate our mutex. Since we can't clear + * allocated memory from a pool, create a subpool that we can blow + * away in the destruction callback. + */ + rv = apr_pool_create(&p, dynlockpool); + if (rv != APR_SUCCESS) { + ap_log_perror(file, line, APLOG_ERR, rv, dynlockpool, + "Failed to create subpool for dynamic lock"); + return NULL; + } + + ap_log_perror(file, line, APLOG_DEBUG, 0, p, + "Creating dynamic lock"); + + value = (struct CRYPTO_dynlock_value *)apr_palloc(p, + sizeof(struct CRYPTO_dynlock_value)); + if (!value) { + ap_log_perror(file, line, APLOG_ERR, 0, p, + "Failed to allocate dynamic lock structure"); + return NULL; + } + + value->pool = p; + /* Keep our own copy of the place from which we were created, + using our own pool. */ + value->file = apr_pstrdup(p, file); + value->line = line; + rv = apr_thread_mutex_create(&(value->mutex), APR_THREAD_MUTEX_DEFAULT, + p); + if (rv != APR_SUCCESS) { + ap_log_perror(file, line, APLOG_ERR, rv, p, + "Failed to create thread mutex for dynamic lock"); + apr_pool_destroy(p); + return NULL; + } + return value; +} + +/* + * Dynamic locking and unlocking function + */ + +static void ssl_dyn_lock_function(int mode, struct CRYPTO_dynlock_value *l, + const char *file, int line) +{ + apr_status_t rv; + + if (mode & CRYPTO_LOCK) { + ap_log_perror(file, line, APLOG_DEBUG, 0, l->pool, + "Acquiring mutex %s:%d", l->file, l->line); + rv = apr_thread_mutex_lock(l->mutex); + ap_log_perror(file, line, APLOG_DEBUG, rv, l->pool, + "Mutex %s:%d acquired!", l->file, l->line); + } + else { + ap_log_perror(file, line, APLOG_DEBUG, 0, l->pool, + "Releasing mutex %s:%d", l->file, l->line); + rv = apr_thread_mutex_unlock(l->mutex); + ap_log_perror(file, line, APLOG_DEBUG, rv, l->pool, + "Mutex %s:%d released!", l->file, l->line); + } +} + +/* + * Dynamic lock destruction callback + */ +static void ssl_dyn_destroy_function(struct CRYPTO_dynlock_value *l, + const char *file, int line) +{ + apr_status_t rv; + + ap_log_perror(file, line, APLOG_DEBUG, 0, l->pool, + "Destroying dynamic lock %s:%d", l->file, l->line); + rv = apr_thread_mutex_destroy(l->mutex); + if (rv != APR_SUCCESS) { + ap_log_perror(file, line, APLOG_ERR, rv, l->pool, + "Failed to destroy mutex for dynamic lock %s:%d", + l->file, l->line); + } + + /* Trust that whomever owned the CRYPTO_dynlock_value we were + * passed has no future use for it... + */ + apr_pool_destroy(l->pool); +} + static unsigned long ssl_util_thr_id(void) { /* OpenSSL needs this to return an unsigned long. On OS/390, the pthread @@ -373,6 +473,12 @@ { CRYPTO_set_locking_callback(NULL); CRYPTO_set_id_callback(NULL); + + CRYPTO_set_dynlock_create_callback(NULL); + CRYPTO_set_dynlock_lock_callback(NULL); + CRYPTO_set_dynlock_destroy_callback(NULL); + + dynlockpool = NULL; /* Let the registered mutex cleanups do their own thing */ @@ -393,6 +499,14 @@ CRYPTO_set_id_callback(ssl_util_thr_id); CRYPTO_set_locking_callback(ssl_util_thr_lock); + + /* Set up dynamic locking scaffolding for OpenSSL to use at its + * convenience. + */ + dynlockpool = p; + CRYPTO_set_dynlock_create_callback(ssl_dyn_create_function); + CRYPTO_set_dynlock_lock_callback(ssl_dyn_lock_function); + CRYPTO_set_dynlock_destroy_callback(ssl_dyn_destroy_function); apr_pool_cleanup_register(p, NULL, ssl_util_thread_cleanup, apr_pool_cleanup_null);