On 02/22/2008 08:58 PM, [EMAIL PROTECTED] wrote:
Author: jorton
Date: Fri Feb 22 11:58:39 2008
New Revision: 630307
URL: http://svn.apache.org/viewvc?rev=630307view=rev
Log:
Move SSL session data deserialization up out of the session cache
storage providers; includes a significant change to the shmcb storage
structure:
* modules/ssl/ssl_private.h (modssl_sesscache_provider): Change
retrieve function to take dest/destlen output buffer, to take a
constant id paramater, and to return a BOOL.
* modules/ssl/ssl_scache.c (ssl_scache_retrieve): Update accordingly,
perform SSL deserialization here.
* modules/ssl/ssl_scache_dc.c (ssl_scache_dc_retrieve),
modules/ssl/ssl_scache_dbm.c (ssl_scache_dbm_retrieve),
modules/ssl/ssl_scache_memcache.c (ssl_scache_mc_retrieve):
Update accordingly.
* modules/ssl/ssl_scache_shmcb.c: Store the whole ID in the cache
before the data, so that each index can be compared against the
requested ID without deserializing the data. This requires approx
20% extra storage per session in the common case, though should
reduce CPU overhead in some retrieval paths.
(SHMCBIndex): Replace s_id2 field with id_len.
(shmcb_cyclic_memcmp): New function.
(ssl_scache_shmcb_init): Change the heuristics to allow for increase
in per-session storage requirement.
(ssl_scache_shmcb_retrieve): Drop requirement on ID length.
(shmcb_subcache_store): Store the ID in the cyclic buffer.
(shmcb_subcache_retrieve, shmcb_subcache_remove): Compare against
the stored ID rather than deserializing the data.
(ssl_scache_shmcb_retrieve, ssl_scache_shmcb_store): Update
accordingly.
Modified:
httpd/httpd/trunk/modules/ssl/ssl_private.h
httpd/httpd/trunk/modules/ssl/ssl_scache.c
httpd/httpd/trunk/modules/ssl/ssl_scache_dbm.c
httpd/httpd/trunk/modules/ssl/ssl_scache_dc.c
httpd/httpd/trunk/modules/ssl/ssl_scache_memcache.c
httpd/httpd/trunk/modules/ssl/ssl_scache_shmcb.c
Modified: httpd/httpd/trunk/modules/ssl/ssl_scache_dbm.c
URL:
http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_scache_dbm.c?rev=630307r1=630306r2=630307view=diff
==
--- httpd/httpd/trunk/modules/ssl/ssl_scache_dbm.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_scache_dbm.c Fri Feb 22 11:58:39 2008
@@ -188,16 +188,15 @@
return TRUE;
}
-static SSL_SESSION *ssl_scache_dbm_retrieve(server_rec *s, UCHAR *id, int idlen,
-apr_pool_t *p)
+static BOOL ssl_scache_dbm_retrieve(server_rec *s, const UCHAR *id, int idlen,
+unsigned char *dest, unsigned int *destlen,
+apr_pool_t *p)
{
SSLModConfigRec *mc = myModConfig(s);
apr_dbm_t *dbm;
apr_datum_t dbmkey;
apr_datum_t dbmval;
-SSL_SESSION *sess = NULL;
-MODSSL_D2I_SSL_SESSION_CONST unsigned char *ucpData;
-int nData;
+unsigned int nData;
time_t expiry;
time_t now;
apr_status_t rc;
@@ -221,32 +220,30 @@
(fetch),
mc-szSessionCacheDataFile);
ssl_mutex_off(s);
-return NULL;
+return FALSE;
}
rc = apr_dbm_fetch(dbm, dbmkey, dbmval);
if (rc != APR_SUCCESS) {
apr_dbm_close(dbm);
ssl_mutex_off(s);
-return NULL;
+return FALSE;
}
if (dbmval.dptr == NULL || dbmval.dsize = sizeof(time_t)) {
apr_dbm_close(dbm);
ssl_mutex_off(s);
-return NULL;
+return FALSE;
}
/* parse resulting data */
nData = dbmval.dsize-sizeof(time_t);
-ucpData = malloc(nData);
-if (ucpData == NULL) {
+if (nData *destlen) {
apr_dbm_close(dbm);
ssl_mutex_off(s);
-return NULL;
-}
-/* Cast needed, ucpData may be const */
-memcpy((unsigned char *)ucpData,
- (char *)dbmval.dptr + sizeof(time_t), nData);
+return FALSE;
+}
+
memcpy(expiry, dbmval.dptr, sizeof(time_t));
+memcpy(dest, (char *)dbmval.dptr + sizeof(time_t), nData);
Shouldn't we do
*destlen = nData;
here?
apr_dbm_close(dbm);
ssl_mutex_off(s);
Modified: httpd/httpd/trunk/modules/ssl/ssl_scache_dc.c
URL:
http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_scache_dc.c?rev=630307r1=630306r2=630307view=diff
==
--- httpd/httpd/trunk/modules/ssl/ssl_scache_dc.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_scache_dc.c Fri Feb 22 11:58:39 2008
@@ -116,32 +116,25 @@
return TRUE;
}
-static SSL_SESSION *ssl_scache_dc_retrieve(server_rec *s, UCHAR *id, int idlen, apr_pool_t *p)
+static BOOL ssl_scache_dc_retrieve(server_rec *s, const UCHAR *id, int idlen,
+ unsigned char *dest, unsigned int *destlen,
+ apr_pool_t *p)
{
-unsigned