source: mod_gnutls/src/gnutls_cache.h @ c005645

debian/masterdebian/stretch-backportsupstream
Last change on this file since c005645 was c005645, checked in by Thomas Klute <thomas2.klute@…>, 3 years ago

Mutex for DBM cache access

I noticed that with a DBM cache enabled and session tickets disabled
even a handful of parallel connections trashed the cache database, and
consequently the error log. According to comments and documentation on
mod_socache_dbm the APR DBM module is not thread or multi-process
safe, so a global mutex is necessary. With the mutex the cache
corruption disappears in my benchmarks.

  • Property mode set to 100644
File size: 2.2 KB
Line 
1/**
2 *  Copyright 2004-2005 Paul Querna
3 *  Copyright 2014 Nikos Mavrogiannopoulos
4 *  Copyright 2015-2016 Thomas Klute
5 *
6 *  Licensed under the Apache License, Version 2.0 (the "License");
7 *  you may not use this file except in compliance with the License.
8 *  You may obtain a copy of the License at
9 *
10 *      http://www.apache.org/licenses/LICENSE-2.0
11 *
12 *  Unless required by applicable law or agreed to in writing, software
13 *  distributed under the License is distributed on an "AS IS" BASIS,
14 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 *  See the License for the specific language governing permissions and
16 *  limitations under the License.
17 *
18 */
19
20#ifndef __MOD_GNUTLS_CACHE_H__
21#define __MOD_GNUTLS_CACHE_H__
22
23#include "mod_gnutls.h"
24#include <httpd.h>
25
26#define MGS_CACHE_MUTEX_NAME "gnutls-cache"
27
28/**
29 * Init the Cache after Configuration is done
30 */
31int mgs_cache_post_config(apr_pool_t *p, server_rec *s, mgs_srvconf_rec *sc);
32
33/**
34 * Init the Cache inside each Process
35 */
36int mgs_cache_child_init(apr_pool_t *p, server_rec *s, mgs_srvconf_rec *sc);
37
38/**
39 * Setup the Session Caching
40 */
41int mgs_cache_session_init(mgs_handle_t *ctxt);
42
43#define GNUTLS_SESSION_ID_STRING_LEN \
44    ((GNUTLS_MAX_SESSION_ID + 1) * 2)
45
46
47
48/**
49 * Convert a SSL Session ID into a Null Terminated Hex Encoded String
50 * @param id raw SSL Session ID
51 * @param idlen Length of the raw Session ID
52 * @param str Location to store the Hex Encoded String
53 * @param strsize The Maximum Length that can be stored in str
54 */
55char *mgs_session_id2sz(unsigned char *id, int idlen, char *str, int strsize);
56
57/**
58 * Convert a time_t into a Null Terminated String
59 * @param t time_t time
60 * @param str Location to store the Hex Encoded String
61 * @param strsize The Maximum Length that can be stored in str
62 */
63char *mgs_time2sz(time_t t, char *str, int strsize);
64
65/*
66 * EXPERIMENTAL: Make DBM cache available for OCSP caching. To be
67 * replaced with properly configurable caching that can also use
68 * memcached later.
69 */
70#include <apr_dbm.h>
71int dbm_cache_store(server_rec *s, gnutls_datum_t key,
72                    gnutls_datum_t data, apr_time_t expiry);
73gnutls_datum_t dbm_cache_fetch(mgs_handle_t *ctxt, gnutls_datum_t key);
74
75#endif /** __MOD_GNUTLS_CACHE_H__ */
Note: See TracBrowser for help on using the repository browser.