On Thu, Oct 01, 1998, Maert Laak wrote:
> I've installed Apache+mod_ssl-2.0.11-1.3.2 on SCO machine...
> Everything works correctly except that I noticed that my sessions are
> very long cached in gcache and very randomly timeouted although I've set
> SSLSessionCacheTimeout to 15 sek as in standard conf file.
> So I looked up the ssl_gcache* programs and voila! found a thing that
> looks very much like a bug to me:
>
> In file ssl_gcachecommon.c in subroutine LocalCacheFind (row 189) there
> is a static int variable nCalls that _is_not_initialized_? And later
> this nCalls is increased and compared to 1. So the results are
> unpredictable here?
>
> I overcome this bug by uncommenting the if-thing there and executing
> ExpireCache every time LocalCacheFind is called. This way
> SSLSessionCacheTimeout works correctly.
Yes, that's a bug. Fixed for mod_ssl 2.0.12. Thanks for the hint.
> This way LocalCahceFind scans cache entries before every find. But, isn't
> there a better way to do the cahce expiry by adding the tExpiresAt
> verification into LocalCacheFind routine itself and doing the
> ExpireCache only after every, say, 100 LocalCacheFind calls (to ensure
> that entries will be freed at last)?
Hmmm.... yes. But I want to avod to hack on the gcache stuff anymore. It's
already kicked out from 2.1 and replaced by a DBM database plus a direct
SSLeay cache timeout control. This works more reliable. So please understand
that I don't want to change the gcache stuff in 2.0. The chance is too high to
break anything on this stable branch.
> PS! It wold be nice to have some gcache information also on server-status
> page as generated by mod_status module. Can it be done with patching
> mod_status or has it be separate module. I can do this if somebody gives
> me some guidlines how to get all cache entries from gcache?
SSL page information for mod_status like Strongholds infos are already in the
queue. But it's a good hint to display the cache, too. I'll put this on the
WISHLIST. Under mod_ssl 2.0 I see no nice and efficient way to get the cache
information.
> PS/2! I know there will be some dbm-based cahceing in the next main
> release of mod_sssl but I'd like to run some reliable session-cacheing
> SSL-server today...
I've already comitted your above bugfix and it will occur with mod_ssl 2.0.12
tomorrow (or on Saturday). But for more reliable session caching you have to
wait for 2.1, sorry.
Greetings,
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
