Return-Path: 
 <dev-return-82614-apmail-httpd-dev-archive=httpd.apache.org@httpd.apache.org>
X-Original-To: apmail-httpd-dev-archive@www.apache.org
Delivered-To: apmail-httpd-dev-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 775421856A
	for <apmail-httpd-dev-archive@www.apache.org>;
 Wed, 13 May 2015 14:29:27 +0000 (UTC)
Received: (qmail 77635 invoked by uid 500); 13 May 2015 14:29:27 -0000
Delivered-To: apmail-httpd-dev-archive@httpd.apache.org
Received: (qmail 77554 invoked by uid 500); 13 May 2015 14:29:26 -0000
Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@httpd.apache.org
list-help: <mailto:dev-help@httpd.apache.org>
list-unsubscribe: <mailto:dev-unsubscribe@httpd.apache.org>
List-Post: <mailto:dev@httpd.apache.org>
List-Id: <dev.httpd.apache.org>
Delivered-To: mailing list dev@httpd.apache.org
Received: (qmail 77544 invoked by uid 99); 13 May 2015 14:29:26 -0000
Received: from Unknown (HELO spamd1-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 13 May 2015 14:29:26 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org)
 with ESMTP id 68FD4C4806
	for <dev@httpd.apache.org>; Wed, 13 May 2015 14:29:26 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -0.121
X-Spam-Level: 
X-Spam-Status: No, score=-0.121 tagged_above=-999 required=6.31
	tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
	RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001]
	autolearn=disabled
Authentication-Results: spamd1-us-west.apache.org (amavisd-new);
	dkim=pass (2048-bit key) header.d=gmail.com
Received: from mx1-eu-west.apache.org ([10.40.0.8])
	by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new,
 port 10024)
	with ESMTP id harwYeI8qD4t for <dev@httpd.apache.org>;
	Wed, 13 May 2015 14:29:21 +0000 (UTC)
Received: from mail-qc0-f182.google.com (mail-qc0-f182.google.com
 [209.85.216.182])
	by mx1-eu-west.apache.org (ASF Mail Server at mx1-eu-west.apache.org) with
 ESMTPS id DB27A2030F
	for <dev@httpd.apache.org>; Wed, 13 May 2015 14:29:20 +0000 (UTC)
Received: by qcyk17 with SMTP id k17so23244441qcy.1
        for <dev@httpd.apache.org>; Wed, 13 May 2015 07:28:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=message-id:date:from:user-agent:mime-version:to:subject:references
         :in-reply-to:content-type:content-transfer-encoding;
        bh=jy0fTvXvNj87b85dKIh12e+gg5EuoZv/XTwUqD7OkMI=;
        b=jOhIbI93Kfud39dDV7dz8f2y/PFEDqf7Ik+LyAZr3MskfY26LD9PdSSAGClukK9llZ
         nr4qBbyMKCNsqf1yj2QaXRORAL4CGpp7frvvi2+bMFyRF+iks3scOFeOfgZ/IDKqNbJz
         yWAjUB06HmrXAwGYY6wq0duRTpqPTayGqaFkxce4IIebqruyngit7Dl4XSb92y0Rviej
         nVg2jFGS3ZAE5BbSUXtiRdoTh07Vpyr0p1jtppuQQb/xWY7s3LO4dWbN5VplIVFofguG
         cAuPjVgwL394Is47PEiKeKcvzy6qHGQ63bi5turs0DhFa1hb+hb/DZr+Zw3nVdnSWYyR
         d6QQ==
X-Received: by 10.140.147.195 with SMTP id 186mr28184193qht.59.1431527314814;
        Wed, 13 May 2015 07:28:34 -0700 (PDT)
Received: from [172.20.0.136] (rrcs-70-62-97-170.midsouth.biz.rr.com.
 [70.62.97.170])
        by mx.google.com with ESMTPSA id
 e5sm15651285qkh.19.2015.05.13.07.28.34
        for <dev@httpd.apache.org>
        (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Wed, 13 May 2015 07:28:34 -0700 (PDT)
Message-ID: <55535F91.2010805@gmail.com>
Date: Wed, 13 May 2015 10:28:33 -0400
From: Jeff Trawick <trawick@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: dev@httpd.apache.org
Subject: Re: svn commit: r1679032 - in /httpd/httpd/trunk: CHANGES
 docs/manual/mod/mod_ssl.xml
 modules/ssl/mod_ssl.c modules/ssl/ssl_engine_config.c
 modules/ssl/ssl_private.h
 modules/ssl/ssl_util_stapling.c
References: <20150512185930.2215BAC09F8@hades.apache.org>
	<CAKQ1sVN2eEaoUR2se39e+WUqmcWmFhL8FkqVNwc26G0zbbFOqw@mail.gmail.com>
	<55526794.3030908@gmail.com>	<555344D2.7030609@gmail.com>
 <CAKQ1sVN2uejmKJO3O4REvqJCNJEyFn36TgaADPNzCkRx_Z6z3g@mail.gmail.com>
In-Reply-To: 
 <CAKQ1sVN2uejmKJO3O4REvqJCNJEyFn36TgaADPNzCkRx_Z6z3g@mail.gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit

On 05/13/2015 08:59 AM, Yann Ylavic wrote:
> On Wed, May 13, 2015 at 2:34 PM, Jeff Trawick <trawick@gmail.com> wrote:
>> Thanks again!
> You're welcome ;)
>
> WDYT of the following?
> (cosmetic only, but helps read/reuse-ability a bit)
>
> Index: modules/ssl/ssl_util_stapling.c
> ===================================================================
> --- modules/ssl/ssl_util_stapling.c    (revision 1679195)
> +++ modules/ssl/ssl_util_stapling.c    (working copy)
> @@ -250,13 +250,11 @@ static BOOL stapling_cache_response(server_rec *s,
>
>       i2d_OCSP_RESPONSE(rsp, &p);
>
> -    if (mc->stapling_cache->flags & AP_SOCACHE_FLAG_NOTMPSAFE)
> -        stapling_cache_mutex_on(s);
> +    stapling_cache_mutex_on(s);
>       rv = mc->stapling_cache->store(mc->stapling_cache_context, s,
>                                      cinf->idx, sizeof(cinf->idx),
>                                      expiry, resp_der, stored_len, pool);
> -    if (mc->stapling_cache->flags & AP_SOCACHE_FLAG_NOTMPSAFE)
> -        stapling_cache_mutex_off(s);
> +    stapling_cache_mutex_off(s);

At the moment I very slightly prefer seeing the reminder that there 
isn't always a mutex, but I won't care before long.  I prefer that this 
matches the implementation of the session cache mutex on where the 
socache flag is checked, but if it makes you happy and you change the 
session cache equivalent to match then go for it :)

>       if (rv != APR_SUCCESS) {
>           ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(01929)
>                        "stapling_cache_response: OCSP response session
> store error!");
> @@ -277,13 +275,11 @@ static BOOL stapling_get_cached_response(server_re
>       const unsigned char *p;
>       unsigned int resp_derlen = MAX_STAPLING_DER;
>
> -    if (mc->stapling_cache->flags & AP_SOCACHE_FLAG_NOTMPSAFE)
> -        stapling_cache_mutex_on(s);
> +    stapling_cache_mutex_on(s);
>       rv = mc->stapling_cache->retrieve(mc->stapling_cache_context, s,
>                                         cinf->idx, sizeof(cinf->idx),
>                                         resp_der, &resp_derlen, pool);
> -    if (mc->stapling_cache->flags & AP_SOCACHE_FLAG_NOTMPSAFE)
> -        stapling_cache_mutex_off(s);
> +    stapling_cache_mutex_off(s);
>       if (rv != APR_SUCCESS) {
>           ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(01930)
>                        "stapling_get_cached_response: cache miss");
> @@ -623,8 +619,11 @@ static int stapling_cache_mutex_on(server_rec *s)
>   {
>       SSLModConfigRec *mc = myModConfig(s);
>
> -    return stapling_mutex_on(s, mc->stapling_cache_mutex,
> -                             SSL_STAPLING_CACHE_MUTEX_TYPE);
> +    if (mc->stapling_cache->flags & AP_SOCACHE_FLAG_NOTMPSAFE) {
> +        return stapling_mutex_on(s, mc->stapling_cache_mutex,
> +                                 SSL_STAPLING_CACHE_MUTEX_TYPE);
> +    }
> +    return TRUE;
>   }
>
>   static int stapling_cache_mutex_off(server_rec *s)
> @@ -631,8 +630,11 @@ static int stapling_cache_mutex_off(server_rec *s)
>   {
>       SSLModConfigRec *mc = myModConfig(s);
>
> -    return stapling_mutex_off(s, mc->stapling_cache_mutex,
> -                              SSL_STAPLING_CACHE_MUTEX_TYPE);
> +    if (mc->stapling_cache->flags & AP_SOCACHE_FLAG_NOTMPSAFE) {
> +        return stapling_mutex_off(s, mc->stapling_cache_mutex,
> +                                  SSL_STAPLING_CACHE_MUTEX_TYPE);
> +    }
> +    return TRUE;
>   }
>
>   static int stapling_refresh_mutex_on(server_rec *s)
> --