You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ji...@apache.org on 2005/07/08 17:41:15 UTC
svn commit: r209821 - in /httpd/httpd/trunk: CHANGES modules/ssl/mod_ssl.c
modules/ssl/ssl_engine_config.c modules/ssl/ssl_engine_init.c
modules/ssl/ssl_private.h
Author: jim
Date: Fri Jul 8 08:41:14 2005
New Revision: 209821
URL: http://svn.apache.org/viewcvs?rev=209821&view=rev
Log:
Fix case where buggy OpenSSL internal cache continually grows.
So don't bother to store it, but still force OpenSSL
to provide a Session ID.
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/modules/ssl/mod_ssl.c
httpd/httpd/trunk/modules/ssl/ssl_engine_config.c
httpd/httpd/trunk/modules/ssl/ssl_engine_init.c
httpd/httpd/trunk/modules/ssl/ssl_private.h
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewcvs/httpd/httpd/trunk/CHANGES?rev=209821&r1=209820&r2=209821&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES (original)
+++ httpd/httpd/trunk/CHANGES Fri Jul 8 08:41:14 2005
@@ -1,6 +1,12 @@
Changes with Apache 2.1.7
[Remove entries to the current 2.0 section below, when backported]
+ *) Add additional SSLSessionCache option, 'internal', which makes
+ mod_ssl just use OpenSSL's own internal session ID cache. Useful
+ when one needs to disable any external, shared caches but
+ requires the server to send non-null session IDs.
+ [Jim Jagielski]
+
*) Add httxt2dbm to support/ for creating RewriteMap DBM Files.
[Paul Querna]
Modified: httpd/httpd/trunk/modules/ssl/mod_ssl.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/trunk/modules/ssl/mod_ssl.c?rev=209821&r1=209820&r2=209821&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/mod_ssl.c (original)
+++ httpd/httpd/trunk/modules/ssl/mod_ssl.c Fri Jul 8 08:41:14 2005
@@ -83,7 +83,7 @@
"or `exec:/path/to/cgi_program')")
SSL_CMD_SRV(SessionCache, TAKE1,
"SSL Session Cache storage "
- "(`none', `dbm:/path/to/file')")
+ "(`none', `internal', `dbm:/path/to/file')")
#if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_INIT)
SSL_CMD_SRV(CryptoDevice, TAKE1,
"SSL external Crypto Device usage "
Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_config.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/trunk/modules/ssl/ssl_engine_config.c?rev=209821&r1=209820&r2=209821&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_config.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_config.c Fri Jul 8 08:41:14 2005
@@ -1001,6 +1001,10 @@
mc->nSessionCacheMode = SSL_SCMODE_NONE;
mc->szSessionCacheDataFile = NULL;
}
+ else if (strcEQ(arg, "internal")) {
+ mc->nSessionCacheMode = SSL_SCMODE_OPENSSL_INTERNAL;
+ mc->szSessionCacheDataFile = NULL;
+ }
else if ((arglen > 4) && strcEQn(arg, "dbm:", 4)) {
mc->nSessionCacheMode = SSL_SCMODE_DBM;
mc->szSessionCacheDataFile = ap_server_root_relative(mc->pPool, arg+4);
Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_init.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/trunk/modules/ssl/ssl_engine_init.c?rev=209821&r1=209820&r2=209821&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_init.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_init.c Fri Jul 8 08:41:14 2005
@@ -467,7 +467,6 @@
SSL_CTX *ctx = mctx->ssl_ctx;
SSLModConfigRec *mc = myModConfig(s);
long cache_mode = SSL_SESS_CACHE_OFF;
-
if (mc->nSessionCacheMode != SSL_SCMODE_NONE) {
/* SSL_SESS_CACHE_NO_INTERNAL will force OpenSSL
* to ignore process local-caching and
Modified: httpd/httpd/trunk/modules/ssl/ssl_private.h
URL: http://svn.apache.org/viewcvs/httpd/httpd/trunk/modules/ssl/ssl_private.h?rev=209821&r1=209820&r2=209821&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_private.h (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_private.h Fri Jul 8 08:41:14 2005
@@ -259,7 +259,8 @@
SSL_SCMODE_NONE = 0,
SSL_SCMODE_DBM = 1,
SSL_SCMODE_SHMCB = 3,
- SSL_SCMODE_DC = 4
+ SSL_SCMODE_DC = 4,
+ SSL_SCMODE_OPENSSL_INTERNAL = 5
} ssl_scmode_t;
/*