httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Eissing <>
Subject Re: SSLSrvConfigRec shared
Date Thu, 21 Sep 2017 09:48:17 GMT

> Am 21.09.2017 um 11:37 schrieb Yann Ylavic <>:
> Hi Stefan,
> On Wed, Sep 20, 2017 at 2:06 PM, Stefan Eissing
> <> wrote:
>>> Am 20.09.2017 um 12:33 schrieb Yann Ylavic <>:
>>> On Wed, Sep 20, 2017 at 12:09 PM, Stefan Eissing
>>> <> wrote:
>>>> Is there some better way?
>>> I would go with the usual/unconditional per server config (and hence
>>> merging), trade simplicity vs a few memory space...
>> Not sure I get your dift here.
> I think you lost me too :)
> Let's try to get in sync...

Sure! :D

>> server/config.c calls merge_server_configs() for each non-base server_rec
>> and that one copies the config pointer from base if the vhost has none.
>> if there is one, it merges.
> If the module defines its own server_config_create() which allocates
> one, each vhost will have its own, and the module's
> server_config_merge() can do whatever needs to for the members of the
> config (pointer copy, shallow/deep copy, ...).

Yes, but only *iff* there is every a directive of that module used in
a VirtualHost.

> I didn't re-looked at the mod_ssl config code lately, I remember some
> special treatment for main server config (re process->pool), but it
> seems to me that each vhost has its own config, and that the merge
> process issues copies (shallow?).

mod_ssl does nothing special here, just normal module stuff.

The special thing happens in server/config.c: merge_server_configs() 
that goes over all modules and all virtual servers and either merges
the modules config *or* just assigns the pointer from the
base_server's one.

The assumption here is that module configs at that point-in-time are
read-only. Which is not really true since several modules make changes
in the post_config phase that happens afterwards.

My fix for this in mod_ssl is part of
which calls ssl_config_server_uniq() once at the post_init phase
for each server.



> What I don't remember is some modifications of the server configs in
> place in post_config, if that's the case it should indeed be preceded
> by a deep copy sowehow...
>> Now, are you speaking of changing that for all modules? Add a flag to "struct module"
>> or solve it in mod_ssl post_config?
> Of course not, create/merge process per module can already do that, up
> to the module to do what it needs (correctly).
> Regards,
> Yann.

View raw message