summaryrefslogtreecommitdiffstats
path: root/nss_engine_init.c
diff options
context:
space:
mode:
authorrcritten <>2006-08-24 15:50:20 +0000
committerrcritten <>2006-08-24 15:50:20 +0000
commit09e567625d7ed4fcd9de834c6c41e86967e0adce (patch)
tree4d594f7ef05eaf0df9b12e28a5b45040d64e8f13 /nss_engine_init.c
parentf85e30e8fb8feeb0d25f9d095dd6bbed62fe31a1 (diff)
downloadmod_nss-09e567625d7ed4fcd9de834c6c41e86967e0adce.tar.gz
mod_nss-09e567625d7ed4fcd9de834c6c41e86967e0adce.tar.xz
mod_nss-09e567625d7ed4fcd9de834c6c41e86967e0adce.zip
Initialize the NSS cache before NSS_Init is called. A race condition
was being triggered during the first module unload when calling NSS_Shutdown because the cache wasn't finished setting itself up in MP mode.
Diffstat (limited to 'nss_engine_init.c')
-rw-r--r--nss_engine_init.c16
1 files changed, 8 insertions, 8 deletions
diff --git a/nss_engine_init.c b/nss_engine_init.c
index e09b077..6e588d5 100644
--- a/nss_engine_init.c
+++ b/nss_engine_init.c
@@ -205,6 +205,14 @@ static void nss_init_SSLLibrary(server_rec *s, int sslenabled, int fipsenabled,
/* Set the PKCS #11 strings for the internal token. */
PK11_ConfigurePKCS11(NULL,NULL,NULL, INTERNAL_TOKEN_NAME, NULL, NULL,NULL,NULL,8,1);
+ ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,
+ "Initializing SSL Session Cache of size %d. SSL2 timeout = %d, SSL3/TLS timeout = %d.", mc->session_cache_size, mc->session_cache_timeout, mc->ssl3_session_cache_timeout);
+ ap_mpm_query(AP_MPMQ_IS_FORKED, &forked);
+ if (forked)
+ SSL_ConfigMPServerSIDCache(mc->session_cache_size, (PRUint32) mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL);
+ else
+ SSL_ConfigServerSessionIDCache(mc->session_cache_size, (PRUint32) mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL);
+
/* We need to be in the same directory as libnssckbi.so to load the
* root certificates properly.
*/
@@ -268,14 +276,6 @@ static void nss_init_SSLLibrary(server_rec *s, int sslenabled, int fipsenabled,
nss_die();
}
- ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,
- "Initializing SSL Session Cache of size %d. SSL2 timeout = %d, SSL3/TLS timeout = %d.", mc->session_cache_size, mc->session_cache_timeout, mc->ssl3_session_cache_timeout);
- ap_mpm_query(AP_MPMQ_IS_FORKED, &forked);
- if (forked)
- SSL_ConfigMPServerSIDCache(mc->session_cache_size, (PRUint32) mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL);
- else
- SSL_ConfigServerSessionIDCache(mc->session_cache_size, (PRUint32) mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL);
-
if (ocspenabled) {
CERT_EnableOCSPChecking(CERT_GetDefaultCertDB());
ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,
generated by cgit (git 2.34.1) at 2024-05-02 12:01:28 +0000