Re: svn commit: r631297 - in /httpd/httpd/trunk/modules/ssl: ssl_engine_mutex.c ssl_private.h ssl_scache.c ssl_scache_dbm.c ssl_scache_dc.c ssl_scache_memcache.c ssl_scache_shmcb.c

Tue, 26 Feb 2008 12:58:52 -0800 


On 02/26/2008 05:57 PM, [EMAIL PROTECTED] wrote:

Author: jorton
Date: Tue Feb 26 08:57:56 2008
New Revision: 631297

URL: http://svn.apache.org/viewvc?rev=631297&view=rev
Log:
Session cache interface redesign, Part 6:

Move mutex handling up out of the session cache providers:


* modules/ssl/ssl_private.h (modssl_sesscache_provider): Add name and 
  flags fields.  Define MODSSL_SESSCACHE_FLAG_NOTMPSAFE constant.


* modules/ssl/ssl_scache.c (ssl_scache_store, ssl_scache_retrieve,
  ssl_scache_remove, ssl_ext_status_hook): Lock and release the mutex
  around provider calls, if necessary.

* modules/ssl/ssl_engine_mutex.c (ssl_mutex_init): Do nothing if no
  session cache is configured, or the session cache does not require a
  mutex.  Otherwise, fail if no mutex is configured and the session
  cache *does* require a mutex.
  (ssl_mutex_on, ssl_mutex_off): Remove checks for mutex mode;
  functions now invoked only if necessary.

* modules/ssl/ssl_scache_dc.c, modules/ssl/ssl_scache_memcache: Set
  name and flags fields in provider structures.

* modules/ssl/ssl_scache_shmcb.c, modules/ssl_scache_dbm.c: Remove
  mutex handling through; set name and flags fields in provider
  structures; mark both as unsafe for concurrent access in flags.

Modified:
    httpd/httpd/trunk/modules/ssl/ssl_engine_mutex.c
    httpd/httpd/trunk/modules/ssl/ssl_private.h
    httpd/httpd/trunk/modules/ssl/ssl_scache.c
    httpd/httpd/trunk/modules/ssl/ssl_scache_dbm.c
    httpd/httpd/trunk/modules/ssl/ssl_scache_dc.c
    httpd/httpd/trunk/modules/ssl/ssl_scache_memcache.c
    httpd/httpd/trunk/modules/ssl/ssl_scache_shmcb.c

Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_mutex.c
URL: 
http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_mutex.c?rev=631297&r1=631296&r2=631297&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_mutex.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_mutex.c Tue Feb 26 08:57:56 2008
@@ -39,12 +39,24 @@
     SSLModConfigRec *mc = myModConfig(s);
     apr_status_t rv;

 
-    if (mc->nMutexMode == SSL_MUTEXMODE_NONE)

+    /* A mutex is only needed if a session cache is configured, and
+     * the provider used is not internally multi-process/thread
+     * safe. */
+    if (!mc->sesscache
+        || (mc->sesscache->flags & MODSSL_SESSCACHE_FLAG_NOTMPSAFE) == 0) {
         return TRUE;
+    }

 
     if (mc->pMutex) {

         return TRUE;
     }
+    else if (mc->nMutexMode == SSL_MUTEXMODE_NONE) {
+        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+                     "An SSLMutex is required for the '%s' session cache",
+                     mc->sesscache->name);
+        return FALSE;
+    }
+
     if ((rv = apr_global_mutex_create(&mc->pMutex, mc->szMutexFile,
                                       mc->nMutexMech, s->process->pool))
             != APR_SUCCESS) {
@@ -97,8 +109,6 @@
     SSLModConfigRec *mc = myModConfig(s);
     apr_status_t rv;

 
-    if (mc->nMutexMode == SSL_MUTEXMODE_NONE)

-        return TRUE;
     if ((rv = apr_global_mutex_lock(mc->pMutex)) != APR_SUCCESS) {
         ap_log_error(APLOG_MARK, APLOG_WARNING, rv, s,
                      "Failed to acquire SSL session cache lock");
@@ -112,8 +122,6 @@
     SSLModConfigRec *mc = myModConfig(s);
     apr_status_t rv;

 
-    if (mc->nMutexMode == SSL_MUTEXMODE_NONE)

-        return TRUE;
     if ((rv = apr_global_mutex_unlock(mc->pMutex)) != APR_SUCCESS) {
         ap_log_error(APLOG_MARK, APLOG_WARNING, rv, s,
                      "Failed to release SSL session cache lock");



Another core dump with the perl test framework:

Program terminated with signal 11, Segmentation fault.
#0  apr_proc_mutex_child_init (mutex=0x4, fname=0x0, pool=0x80ed5c8) at 
locks/unix/proc_mutex.c:869
869         return (*mutex)->meth->child_init(mutex, pool, fname);
(gdb) bt
#0  apr_proc_mutex_child_init (mutex=0x4, fname=0x0, pool=0x80ed5c8) at 
locks/unix/proc_mutex.c:869
#1  0xb7dc2060 in apr_global_mutex_child_init (mutex=0x80ac434, fname=0x0, 
pool=0x80ed5c8) at locks/unix/global_mutex.c:88
#2  0xb797ec70 in ssl_mutex_reinit (s=0x80e22e8, p=0x80ed5c8) at 
ssl_engine_mutex.c:93
#3  0xb7976b08 in ssl_init_Child (p=0x80ed5c8, s=0x80e22e8) at 
ssl_engine_init.c:1244
#4  0x08076c63 in ap_run_child_init (pchild=0x80ed5c8, s=0x80e22e8) at 
config.c:159
#5  0x0808acc4 in child_main (child_num_arg=0) at worker.c:1160
#6  0x0808b0a0 in make_child (s=0x80e22e8, slot=0) at worker.c:1341
#7  0x0808be42 in ap_mpm_run (_pconf=0x80ae0a8, plog=0x80de168, s=0x80e22e8) at 
worker.c:1553
#8  0x08064b6a in main (argc=134922400, argv=0x80ed5c8) at main.c:768

But the following patch should fix this:

Index: modules/ssl/ssl_engine_mutex.c
===================================================================
--- modules/ssl/ssl_engine_mutex.c      (Revision 631367)
+++ modules/ssl/ssl_engine_mutex.c      (Arbeitskopie)
@@ -87,8 +87,10 @@
     SSLModConfigRec *mc = myModConfig(s);
     apr_status_t rv;

-    if (mc->nMutexMode == SSL_MUTEXMODE_NONE)
+    if (mc->nMutexMode == SSL_MUTEXMODE_NONE || !mc->sesscache
+        || (mc->sesscache->flags & MODSSL_SESSCACHE_FLAG_NOTMPSAFE) == 0) {
         return TRUE;
+    }

     if ((rv = apr_global_mutex_child_init(&mc->pMutex,
                                     mc->szMutexFile, p)) != APR_SUCCESS) {


Regards

RĂ¼diger























					Reply via email to