diff options
| author | rcritten <> | 2005-08-04 18:07:22 +0000 |
|---|---|---|
| committer | rcritten <> | 2005-08-04 18:07:22 +0000 |
| commit | bb9b72e3fbffa8364ca63e33ce5185066ae0c427 (patch) | |
| tree | e794ceeb576c8f09347de08a35ffbcfd41bff638 | |
| parent | 70d2235dfbe3070e786ddf5024f03516b431bab3 (diff) | |
Also clean up the SSL Session ID Cache when shutting down.
If we are using the forked model, use the MP version of the Session ID
cache.
Don't call PR_Cleanup(), this could cause problems.
| -rw-r--r-- | nss_engine_init.c | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/nss_engine_init.c b/nss_engine_init.c index beeafcd..16d60d6 100644 --- a/nss_engine_init.c +++ b/nss_engine_init.c @@ -15,6 +15,7 @@ #include "mod_nss.h" #include "apr_thread_proc.h" +#include "ap_mpm.h" static SECStatus ownBadCertHandler(void *arg, PRFileDesc * socket); static SECStatus ownHandshakeCallback(PRFileDesc * socket, void *arg); @@ -107,6 +108,7 @@ static void nss_init_SSLLibrary(server_rec *s, int sslenabled) SECStatus rv; SSLModConfigRec *mc = myModConfig(s); SSLSrvConfigRec *sc; + int forked = 0; sc = mySrvConfig(s); @@ -193,7 +195,11 @@ static void nss_init_SSLLibrary(server_rec *s, int sslenabled) ap_log_error(APLOG_MARK, APLOG_INFO, 0, s, "Initializing SSL Session Cache of size %d. SSL2 timeout = %d, SSL3/TLS timeout = %d.", mc->session_cache_size, mc->session_cache_timeout, mc->ssl3_session_cache_timeout); - SSL_ConfigServerSessionIDCache(mc->session_cache_size, (PRUint32) mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL); + ap_mpm_query(AP_MPMQ_IS_FORKED, &forked); + if (forked) + SSL_ConfigMPServerSIDCache(mc->session_cache_size, (PRUint32) mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL); + else + SSL_ConfigServerSessionIDCache(mc->session_cache_size, (PRUint32) mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL); } @@ -767,6 +773,7 @@ apr_status_t nss_init_ModuleKill(void *data) server_rec *base_server = (server_rec *)data; server_rec *s; SECStatus rv; + int shutdowncache = 0; /* * Free the non-pool allocated structures @@ -782,16 +789,19 @@ apr_status_t nss_init_ModuleKill(void *data) /* Closing this implicitly cleans up the copy of the certificates * and keys associated with any SSL socket */ PR_Close(sc->server->model); + + shutdowncache = 1; } } + if (shutdowncache) + SSL_ShutdownServerSessionIDCache(); + if ((rv = NSS_Shutdown()) != SECSuccess) { ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, "NSS_Shutdown failed: %d", PR_GetError()); } - PR_Cleanup(); - return APR_SUCCESS; } |