'[Fedora-directory-commits] mod_nss nss_engine_init.c,1.22,1.23'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       fedora-directory-commits
Subject:    [Fedora-directory-commits] mod_nss nss_engine_init.c,1.22,1.23
From:       "Robert Crittenden" (rcritten) <fedora-directory-commits () redhat ! com>
Date:       2006-08-24 15:50:23
Message-ID: 200608241550.k7OFoN5c031355 () cvs-int ! fedora ! redhat ! com
[Download RAW message or body]

Author: rcritten

Update of /cvs/dirsec/mod_nss
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31338

Modified Files:
	nss_engine_init.c 
Log Message:
Initialize the NSS cache before NSS_Init is called. A race condition
was being triggered during the first module unload when calling
NSS_Shutdown because the cache wasn't finished setting itself up
in MP mode.



Index: nss_engine_init.c
===================================================================
RCS file: /cvs/dirsec/mod_nss/nss_engine_init.c,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- nss_engine_init.c	2 Aug 2006 18:59:12 -0000	1.22
+++ nss_engine_init.c	24 Aug 2006 15:50:20 -0000	1.23
@@ -205,6 +205,14 @@
     /* Set the PKCS #11 strings for the internal token. */
     PK11_ConfigurePKCS11(NULL,NULL,NULL, INTERNAL_TOKEN_NAME, NULL, \
NULL,NULL,NULL,8,1);  
+    ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,
+        "Initializing SSL Session Cache of size %d. SSL2 timeout = %d, SSL3/TLS \
timeout = %d.", mc->session_cache_size, mc->session_cache_timeout, \
mc->ssl3_session_cache_timeout); +    ap_mpm_query(AP_MPMQ_IS_FORKED, &forked);
+    if (forked)
+        SSL_ConfigMPServerSIDCache(mc->session_cache_size, (PRUint32) \
mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL); +    \
else +        SSL_ConfigServerSessionIDCache(mc->session_cache_size, (PRUint32) \
mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL); +
     /* We need to be in the same directory as libnssckbi.so to load the
      * root certificates properly.
      */
@@ -268,14 +276,6 @@
         nss_die();
     }
 
-    ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,
-        "Initializing SSL Session Cache of size %d. SSL2 timeout = %d, SSL3/TLS \
timeout = %d.", mc->session_cache_size, mc->session_cache_timeout, \
                mc->ssl3_session_cache_timeout);
-    ap_mpm_query(AP_MPMQ_IS_FORKED, &forked);
-    if (forked)
-        SSL_ConfigMPServerSIDCache(mc->session_cache_size, (PRUint32) \
                mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, \
                NULL);
-    else
-        SSL_ConfigServerSessionIDCache(mc->session_cache_size, (PRUint32) \
                mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, \
                NULL);
-
     if (ocspenabled) {
         CERT_EnableOCSPChecking(CERT_GetDefaultCertDB());
         ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic