You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by tr...@apache.org on 2009/11/24 22:22:16 UTC
svn commit: r883880 - /httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
Author: trawick
Date: Tue Nov 24 21:22:15 2009
New Revision: 883880
URL: http://svn.apache.org/viewvc?rev=883880&view=rev
Log:
remove SSLMutex documentation
update the session cache description to indicate that the ssl cache mutex is used
to serialize access, and that the mutex can be configured using the Mutex directive
Modified:
httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
Modified: httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml?rev=883880&r1=883879&r2=883880&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml Tue Nov 24 21:22:15 2009
@@ -210,87 +210,6 @@
</directivesynopsis>
<directivesynopsis>
-<name>SSLMutex</name>
-<description>Semaphore for internal mutual exclusion of
-operations</description>
-<syntax>SSLMutex <em>type</em></syntax>
-<default>SSLMutex none</default>
-<contextlist><context>server config</context></contextlist>
-
-<usage>
-<p>
-This configures the SSL engine's semaphore (aka. lock) which is used for mutual
-exclusion of operations which have to be done in a synchronized way between the
-pre-forked Apache server processes. This directive can only be used in the
-global server context because it's only useful to have one global mutex.
-This directive is designed to closely match the
-<directive module="mpm_common">AcceptMutex</directive> directive.</p>
-<p>
-The following Mutex <em>types</em> are available:</p>
-<ul>
-<li><code>none | no</code>
- <p>
- This is the default where no Mutex is used at all. Use it at your own
- risk. But because currently the Mutex is mainly used for synchronizing
- write access to the SSL Session Cache you can live without it as long
- as you accept a sometimes garbled Session Cache. So it's not recommended
- to leave this the default. Instead configure a real Mutex.</p></li>
-<li><code>posixsem</code>
- <p>
- This is an elegant Mutex variant where a Posix Semaphore is used when possible.
- It is only available when the underlying platform
- and <glossary>APR</glossary> supports it.</p></li>
-<li><code>sysvsem</code>
- <p>
- This is a somewhat elegant Mutex variant where a SystemV IPC Semaphore is used when
- possible. It is possible to "leak" SysV semaphores if processes crash before
- the semaphore is removed. It is only available when the underlying platform
- and <glossary>APR</glossary> supports it.</p></li>
-<li><code>sem</code>
- <p>
- This directive tells the SSL Module to pick the "best" semaphore implementation
- available to it, choosing between Posix and SystemV IPC, in that order. It is only
- available when the underlying platform and <glossary>APR</glossary> supports at least one of the 2.</p></li>
-<li><code>pthread</code>
- <p>
- This directive tells the SSL Module to use Posix thread mutexes. It is only available
- if the underlying platform and <glossary>APR</glossary> supports it.</p></li>
-<li><code>fcntl:/path/to/mutex</code>
- <p>
- This is a portable Mutex variant where a physical (lock-)file and the <code>fcntl()</code>
- function are used as the Mutex.
- Always use a local disk filesystem for <code>/path/to/mutex</code> and never a file
- residing on a NFS- or AFS-filesystem. It is only available when the underlying platform
- and <glossary>APR</glossary> supports it. Note: Internally, the Process ID (PID) of the
- Apache parent process is automatically appended to
- <code>/path/to/mutex</code> to make it unique, so you don't have to worry
- about conflicts yourself. Notice that this type of mutex is not available
- under the Win32 environment. There you <em>have</em> to use the semaphore
- mutex.</p></li>
-<li><code>flock:/path/to/mutex</code>
- <p>
- This is similar to the <code>fcntl:/path/to/mutex</code> method with the
- exception that the <code>flock()</code> function is used to provide file
- locking. It is only available when the underlying platform
- and <glossary>APR</glossary> supports it.</p></li>
-<li><code>file:/path/to/mutex</code>
- <p>
- This directive tells the SSL Module to pick the "best" file locking implementation
- available to it, choosing between <code>fcntl</code> and <code>flock</code>,
- in that order. It is only available when the underlying platform and <glossary>APR</glossary> supports
- at least one of the 2.</p></li>
-<li><code>default | yes</code>
- <p>
- This directive tells the SSL Module to pick the default locking implementation
- as determined by the platform and <glossary>APR</glossary>.</p></li>
-</ul>
-<example><title>Example</title>
-SSLMutex file:/usr/local/apache/logs/ssl_mutex
-</example>
-</usage>
-</directivesynopsis>
-
-<directivesynopsis>
<name>SSLRandomSeed</name>
<description>Pseudo Random Number Generator (PRNG) seeding
source</description>
@@ -446,10 +365,15 @@
address.</p></li>
</ul>
+
<example><title>Examples</title>
SSLSessionCache dbm:/usr/local/apache/logs/ssl_gcache_data<br />
SSLSessionCache shm:/usr/local/apache/logs/ssl_gcache_data(512000)
</example>
+
+<p>The <code>ssl-cache</code> mutex is used to serialize access to
+the session cache to prevent corruption. This mutex can be configured
+using the <directive module="core">Mutex</directive> directive.</p>
</usage>
</directivesynopsis>