diff options
author | rcritten <> | 2006-08-24 15:50:20 +0000 |
---|---|---|
committer | rcritten <> | 2006-08-24 15:50:20 +0000 |
commit | 09e567625d7ed4fcd9de834c6c41e86967e0adce (patch) | |
tree | 4d594f7ef05eaf0df9b12e28a5b45040d64e8f13 /nss_engine_init.c | |
parent | f85e30e8fb8feeb0d25f9d095dd6bbed62fe31a1 (diff) | |
download | mod_nss-09e567625d7ed4fcd9de834c6c41e86967e0adce.tar.gz mod_nss-09e567625d7ed4fcd9de834c6c41e86967e0adce.tar.xz mod_nss-09e567625d7ed4fcd9de834c6c41e86967e0adce.zip |
Initialize the NSS cache before NSS_Init is called. A race condition
was being triggered during the first module unload when calling
NSS_Shutdown because the cache wasn't finished setting itself up
in MP mode.
Diffstat (limited to 'nss_engine_init.c')
-rw-r--r-- | nss_engine_init.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/nss_engine_init.c b/nss_engine_init.c index e09b077..6e588d5 100644 --- a/nss_engine_init.c +++ b/nss_engine_init.c @@ -205,6 +205,14 @@ static void nss_init_SSLLibrary(server_rec *s, int sslenabled, int fipsenabled, /* Set the PKCS #11 strings for the internal token. */ PK11_ConfigurePKCS11(NULL,NULL,NULL, INTERNAL_TOKEN_NAME, NULL, NULL,NULL,NULL,8,1); + ap_log_error(APLOG_MARK, APLOG_INFO, 0, s, + "Initializing SSL Session Cache of size %d. SSL2 timeout = %d, SSL3/TLS timeout = %d.", mc->session_cache_size, mc->session_cache_timeout, mc->ssl3_session_cache_timeout); + ap_mpm_query(AP_MPMQ_IS_FORKED, &forked); + if (forked) + SSL_ConfigMPServerSIDCache(mc->session_cache_size, (PRUint32) mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL); + else + SSL_ConfigServerSessionIDCache(mc->session_cache_size, (PRUint32) mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL); + /* We need to be in the same directory as libnssckbi.so to load the * root certificates properly. */ @@ -268,14 +276,6 @@ static void nss_init_SSLLibrary(server_rec *s, int sslenabled, int fipsenabled, nss_die(); } - ap_log_error(APLOG_MARK, APLOG_INFO, 0, s, - "Initializing SSL Session Cache of size %d. SSL2 timeout = %d, SSL3/TLS timeout = %d.", mc->session_cache_size, mc->session_cache_timeout, mc->ssl3_session_cache_timeout); - ap_mpm_query(AP_MPMQ_IS_FORKED, &forked); - if (forked) - SSL_ConfigMPServerSIDCache(mc->session_cache_size, (PRUint32) mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL); - else - SSL_ConfigServerSessionIDCache(mc->session_cache_size, (PRUint32) mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL); - if (ocspenabled) { CERT_EnableOCSPChecking(CERT_GetDefaultCertDB()); ap_log_error(APLOG_MARK, APLOG_INFO, 0, s, |