Return-Path: Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 51834 invoked by uid 500); 23 Feb 2003 16:02:34 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 51821 invoked from network); 23 Feb 2003 16:02:33 -0000 Message-ID: From: "MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)" To: "'dev@httpd.apache.org'" Subject: RE: Fix for SSLMutex bogusness Date: Sun, 23 Feb 2003 11:02:34 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2655.55) Content-Type: text/plain; charset="iso-8859-1" X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N Cool.. (although I haven't tested it,) +1 for the idea. -Madhu -----Original Message----- From: Jim Jagielski [mailto:jim@jaguNET.com] Sent: Saturday, February 22, 2003 8:51 AM To: dev@httpd.apache.org Subject: Fix for SSLMutex bogusness Of course for 2.1, but also for 2.0 as well... Right now, SSLMutex is pretty binary :)
Index: modules/ssl/mod_ssl.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/ssl/mod_ssl.c,v
retrieving revision 1.74.2.2
diff -u -r1.74.2.2 mod_ssl.c
--- modules/ssl/mod_ssl.c 3 Feb 2003 17:31:51 -0000 1.74.2.2
+++ modules/ssl/mod_ssl.c 21 Feb 2003 21:16:32 -0000
@@ -79,13 +79,37 @@
 #define AP_END_CMD { NULL }
+const char ssl_valid_ssl_mutex_string[] =
+ "Valid SSLMutex mechanisms are: "
+ "`none', `default'"
+#if APR_HAS_FLOCK_SERIALIZE
+ ", `flock:/path/to/file'"
+#endif
+#if APR_HAS_FCNTL_SERIALIZE
+ ", `fcntl:/path/to/file'"
+#endif
+#if APR_HAS_SYSVSEM_SERIALIZE && !defined(PERCHILD_MPM)
+ ", `sysvsem'"
+#endif
+#if APR_HAS_POSIXSEM_SERIALIZE
+ ", `posixsem'"
+#endif
+#if APR_HAS_PROC_PTHREAD_SERIALIZE
+ ", `pthread'"
+#endif
+#if APR_HAS_FLOCK_SERIALIZE || APR_HAS_FCNTL_SERIALIZE
+ ", `file:/path/to/file'"
+#endif
+#if (APR_HAS_SYSVSEM_SERIALIZE && !defined(PERCHILD_MPM)) || APR_HAS_POSIXSEM_SERIALIZE
+ ", `sem'"
+#endif
+ ".";
+
 static const command_rec ssl_config_cmds[] = {
 /* * Global (main-server) context configuration directives */
- SSL_CMD_SRV(Mutex, TAKE1,
- "SSL lock for handling internal mutual exclusions "
- "(`none', `file:/path/to/file')")
+ SSL_CMD_SRV(Mutex, TAKE1, ssl_valid_ssl_mutex_string)
 SSL_CMD_SRV(PassPhraseDialog, TAKE1, "SSL dialog mechanism for the pass phrase query " "(`builtin', `|/path/to/pipe_program`, "
Index: modules/ssl/mod_ssl.h
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/ssl/mod_ssl.h,v
retrieving revision 1.122.2.1
diff -u -r1.122.2.1 mod_ssl.h
--- modules/ssl/mod_ssl.h 3 Feb 2003 17:31:52 -0000 1.122.2.1
+++ modules/ssl/mod_ssl.h 21 Feb 2003 21:16:32 -0000
@@ -420,6 +420,7 @@
 apr_rmm_t *pSessionCacheDataRMM;
 apr_table_t *tSessionCacheDataTable;
 ssl_mutexmode_t nMutexMode;
+ apr_lockmech_e nMutexMech;
 const char *szMutexFile;
 apr_global_mutex_t *pMutex;
 apr_array_header_t *aRandSeed;
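Review bot: The `#if` guards around each entry of `ssl_valid_ssl_mutex_string` in the mod_ssl.c hunk repeat the conditions that guard the matching `else if` branches of the SSLMutex argument parser in ssl_engine_config.c, and nothing here says the two lists have to change together. If one is edited without the other, the directive help and the "Invalid SSLMutex argument" message will advertise a mechanism the parser rejects, or leave out one it accepts. I would add a comment above the definition, `/* Keep these #if conditions identical to the SSLMutex argument parser in ssl_engine_config.c */`.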
@@ -528,6 +529,9 @@
 /* API glue structures */
 extern module AP_MODULE_DECLARE_DATA ssl_module;
+
+/* "global" stuff */
+extern const char ssl_valid_ssl_mutex_string[];
 /* configuration handling */
 SSLModConfigRec *ssl_config_global_create(server_rec *);
Index: modules/ssl/ssl_engine_config.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_config.c,v
retrieving revision 1.70.2.1
diff -u -r1.70.2.1 ssl_engine_config.c
--- modules/ssl/ssl_engine_config.c 3 Feb 2003 17:31:52 -0000 1.70.2.1
+++ modules/ssl/ssl_engine_config.c 21 Feb 2003 21:16:32 -0000
@@ -99,6 +99,7 @@
 mc->pSessionCacheDataRMM = NULL;
 mc->tSessionCacheDataTable = NULL;
 mc->nMutexMode = SSL_MUTEXMODE_UNSET;
+ mc->nMutexMech = APR_LOCK_DEFAULT;
 mc->szMutexFile = NULL;
 mc->pMutex = NULL;
 mc->aRandSeed = apr_array_make(pool, 4,
@@ -383,6 +384,61 @@
 if (strcEQ(arg, "none") || strcEQ(arg, "no")) {
 mc->nMutexMode = SSL_MUTEXMODE_NONE;
 }
+ else if (strcEQ(arg, "default") || strcEQ(arg, "yes")) {
+ mc->nMutexMode = SSL_MUTEXMODE_USED;
+ mc->nMutexMech = APR_LOCK_DEFAULT;
+ mc->szMutexFile = NULL; /* APR determines temporary filename */
+ }
+#if APR_HAS_FLOCK_SERIALIZE
+ else if (strlen(arg) > 6 && strcEQn(arg, "flock:", 6)) {
+ const char *file = ap_server_root_relative(cmd->pool, arg+6);
+ if (!file) {
+ return apr_pstrcat(cmd->pool, "Invalid SSLMutex file: path ",
+ arg+6, NULL);
+ }
+ mc->nMutexMode = SSL_MUTEXMODE_USED;
+ mc->nMutexMech = APR_LOCK_FLOCK;
+ mc->szMutexFile =
+ apr_psprintf(mc->pPool, "%s.%lu",
+ file, (unsigned long)getpid());
+ }
+#endif
+#if APR_HAS_FCNTL_SERIALIZE
+ else if (strlen(arg) > 6 && strcEQn(arg, "fcntl:", 6)) {
+ const char *file = ap_server_root_relative(cmd->pool, arg+6);
+ if (!file) {
+ return apr_pstrcat(cmd->pool, "Invalid SSLMutex file: path ",
+ arg+6, NULL);
+ }
+ mc->nMutexMode = SSL_MUTEXMODE_USED;
+ mc->nMutexMech = APR_LOCK_FCNTL;
+ mc->szMutexFile =
+ apr_psprintf(mc->pPool, "%s.%lu",
+ file, (unsigned long)getpid());
+ }
+#endif
+#if APR_HAS_SYSVSEM_SERIALIZE && !defined(PERCHILD_MPM)
+ else if (strcEQ(arg, "sysvsem")) {
+ mc->nMutexMode = SSL_MUTEXMODE_USED;
+ mc->nMutexMech = APR_LOCK_SYSVSEM;
+ mc->szMutexFile = NULL; /* APR determines temporary filename */
+ }
+#endif
+#if APR_HAS_POSIXSEM_SERIALIZE
+ else if (strcEQ(arg, "posixsem")) {
+ mc->nMutexMode = SSL_MUTEXMODE_USED;
+ mc->nMutexMech = APR_LOCK_POSIXSEM;
+ mc->szMutexFile = NULL; /* APR determines temporary filename */
+ }
+#endif
+#if APR_HAS_PROC_PTHREAD_SERIALIZE
+ else if (strcEQ(arg, "pthread")) {
+ mc->nMutexMode = SSL_MUTEXMODE_USED;
+ mc->nMutexMech = APR_LOCK_PROC_PTHREAD;
+ mc->szMutexFile = NULL; /* APR determines temporary filename */
+ }
+#endif
+#if APR_HAS_FLOCK_SERIALIZE || APR_HAS_FCNTL_SERIALIZE
 else if (strlen(arg) > 5 && strcEQn(arg, "file:", 5)) {
 const char
*file = ap_server_root_relative(cmd->pool, arg+5);
 if (!file) {
@@ -390,17 +446,32 @@
 arg+5, NULL);
 }
 mc->nMutexMode = SSL_MUTEXMODE_USED;
+#if APR_HAS_FLOCK_SERIALIZE
+ mc->nMutexMech = APR_LOCK_FLOCK;
+#endif
+#if APR_HAS_FCNTL_SERIALIZE
+ mc->nMutexMech = APR_LOCK_FCNTL;
+#endif
 mc->szMutexFile = apr_psprintf(mc->pPool, "%s.%lu", file, (unsigned long)getpid());
 }
- else if (strcEQ(arg, "sem") || strcEQ(arg, "yes")) {
+#endif
+#if (APR_HAS_SYSVSEM_SERIALIZE && !defined(PERCHILD_MPM)) || APR_HAS_POSIXSEM_SERIALIZE
+ else if (strcEQ(arg, "sem")) {
 mc->nMutexMode = SSL_MUTEXMODE_USED;
+#if APR_HAS_POSIXSEM_SERIALIZE
+ mc->nMutexMech = APR_LOCK_POSIXSEM;
+#endif
+#if APR_HAS_SYSVSEM_SERIALIZE && !defined(PERCHILD_MPM)
+ mc->nMutexMech = APR_LOCK_SYSVSEM;
+#endif
 mc->szMutexFile = NULL; /* APR determines temporary filename */
 }
+#endif
 else {
 return apr_pstrcat(cmd->pool, "Invalid SSLMutex argument ",
- arg, NULL);
+ arg, " (", ssl_valid_ssl_mutex_string, ")", NULL);
 }
 return NULL;
Index: modules/ssl/ssl_engine_mutex.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_mutex.c,v
retrieving revision 1.17.2.1
diff -u -r1.17.2.1 ssl_engine_mutex.c
--- modules/ssl/ssl_engine_mutex.c 3 Feb 2003 17:31:53 -0000 1.17.2.1
+++ modules/ssl/ssl_engine_mutex.c 21 Feb 2003 21:16:33 -0000
@@ -75,9 +75,13 @@
 if ((rv = apr_global_mutex_create(&mc->pMutex, mc->szMutexFile, APR_LOCK_DEFAULT, p)) != APR_SUCCESS) {
- ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
- "Cannot create SSLMutex file `%s'",
- mc->szMutexFile);
+ if (mc->szMutexFile)
+ ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
+ "Cannot create SSLMutex file `%s'",
+ mc->szMutexFile);
+ else
+ ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
+ "Cannot create SSLMutex");
 return FALSE;
 }
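Review bot: The new `flock:` and `fcntl:` branches in the `@@ -383` hunk name the lock file `<configured path>.<pid>` through `apr_psprintf(mc->pPool, "%s.%lu", file, (unsigned long)getpid())`, a name any local user can predict, and nothing in the hunk constrains or documents where that path may live. How `apr_global_mutex_create` opens the file is not visible in this patch, so whether a file or link already present under that name is refused cannot be confirmed from here. I would state the requirement next to the assignment, for example `/* lock file is <path>.<pid>; the directory must be writable only by the user that starts the server */`, and repeat it in the directive documentation. The enclosing function begins outside this hunk.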
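Review bot: In the `file:` branch of the `@@ -390` hunk the two `#if` blocks are independent, so where both APR_HAS_FLOCK_SERIALIZE and APR_HAS_FCNTL_SERIALIZE are set the second assignment overwrites the first and `file:` silently means fcntl; the `sem` branch has the same shape and ends up on sysvsem when both semaphore types are available. The result depends on the order of the blocks, which a reader has to work out and a later reordering can change without notice. I would make the preference explicit by turning each pair into one chain, replacing the middle `#endif` / `#if APR_HAS_FCNTL_SERIALIZE` lines so the block reads `#if APR_HAS_FCNTL_SERIALIZE` … `#elif APR_HAS_FLOCK_SERIALIZE` … `#endif`, with a comment such as `/* prefer fcntl when both are available */`, and likewise for `sem`.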
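Review bot: The context line of the ssl_engine_mutex.c hunk still passes `APR_LOCK_DEFAULT` to `apr_global_mutex_create`, so the `mc->nMutexMech` value the parser now stores is not read by any line shown in this patch. As far as the hunk shows, an administrator who selects `fcntl:`, `sysvsem` or `pthread` would still get the APR default lock while the configuration appears to have been honoured. The argument should become `mc->nMutexMech, p)) != APR_SUCCESS) {` in place of `APR_LOCK_DEFAULT, p)) != APR_SUCCESS) {`. The function containing this call begins outside the hunk.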
@@ -96,13 +100,17 @@
 int ssl_mutex_reinit(server_rec *s, apr_pool_t *p) {
 SSLModConfigRec *mc = myModConfig(s);
+ apr_status_t rv;
 if (mc->nMutexMode == SSL_MUTEXMODE_NONE) return TRUE;
- if (apr_global_mutex_child_init(&mc->pMutex,
- mc->szMutexFile, p) != APR_SUCCESS)
+ if ((rv = apr_global_mutex_child_init(&mc->pMutex,
+ mc->szMutexFile, p)) != APR_SUCCESS) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, rv, s,
+ "Failed to reinit global mutex lock");
 return FALSE;
+ }
 return TRUE;
 }
-- ================================================================ =========== Jim Jagielski [|] jim@jaguNET.com [|] http://www.jaguNET.com/ "A society that will trade a little liberty for a little order will lose both and deserve neither" - T.Jefferson
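Review bot: The new log call in `ssl_mutex_reinit` reports the failure at `APLOG_WARNING` although the function then returns FALSE, while the equivalent failure of `apr_global_mutex_create` in the preceding hunk is logged at `APLOG_ERR`. A child that cannot attach to the lock is presumably not running with the mutual exclusion the configuration asked for, so I would log it at the same level: `ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,`. Including `mc->szMutexFile` in the message when it is non-NULL, as the create path does, would let an operator match the two messages.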