[prev in list] [next in list] [prev in thread] [next in thread]
List: fedora-directory-commits
Subject: [Fedora-directory-commits] mod_nss nss_engine_init.c,1.22,1.23
From: "Robert Crittenden" (rcritten) <fedora-directory-commits () redhat ! com>
Date: 2006-08-24 15:50:23
Message-ID: 200608241550.k7OFoN5c031355 () cvs-int ! fedora ! redhat ! com
[Download RAW message or body]
Author: rcritten
Update of /cvs/dirsec/mod_nss
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31338
Modified Files:
nss_engine_init.c
Log Message:
Initialize the NSS cache before NSS_Init is called. A race condition
was being triggered during the first module unload when calling
NSS_Shutdown because the cache wasn't finished setting itself up
in MP mode.
Index: nss_engine_init.c
===================================================================
RCS file: /cvs/dirsec/mod_nss/nss_engine_init.c,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- nss_engine_init.c 2 Aug 2006 18:59:12 -0000 1.22
+++ nss_engine_init.c 24 Aug 2006 15:50:20 -0000 1.23
@@ -205,6 +205,14 @@
/* Set the PKCS #11 strings for the internal token. */
PK11_ConfigurePKCS11(NULL,NULL,NULL, INTERNAL_TOKEN_NAME, NULL, \
NULL,NULL,NULL,8,1);
+ ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,
+ "Initializing SSL Session Cache of size %d. SSL2 timeout = %d, SSL3/TLS \
timeout = %d.", mc->session_cache_size, mc->session_cache_timeout, \
mc->ssl3_session_cache_timeout); + ap_mpm_query(AP_MPMQ_IS_FORKED, &forked);
+ if (forked)
+ SSL_ConfigMPServerSIDCache(mc->session_cache_size, (PRUint32) \
mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL); + \
else + SSL_ConfigServerSessionIDCache(mc->session_cache_size, (PRUint32) \
mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL); +
/* We need to be in the same directory as libnssckbi.so to load the
* root certificates properly.
*/
@@ -268,14 +276,6 @@
nss_die();
}
- ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,
- "Initializing SSL Session Cache of size %d. SSL2 timeout = %d, SSL3/TLS \
timeout = %d.", mc->session_cache_size, mc->session_cache_timeout, \
mc->ssl3_session_cache_timeout);
- ap_mpm_query(AP_MPMQ_IS_FORKED, &forked);
- if (forked)
- SSL_ConfigMPServerSIDCache(mc->session_cache_size, (PRUint32) \
mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, \
NULL);
- else
- SSL_ConfigServerSessionIDCache(mc->session_cache_size, (PRUint32) \
mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, \
NULL);
-
if (ocspenabled) {
CERT_EnableOCSPChecking(CERT_GetDefaultCertDB());
ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic