Changeset 994200a in mod_gnutls


Ignore:
Timestamp:
Sep 25, 2018, 2:32:50 AM (5 years ago)
Author:
Fiona Klute <fiona.klute@…>
Branches:
asyncio, debian/master, main, master, proxy-ticket
Children:
efc43b4
Parents:
3358887
Message:

Set up shmcb OCSP cache by default

The shmcb socache doesn't require configuration, so it's suitable as a
default. Note that servers with many vhosts may need to configure a
cache larger than the default 32K to hold all responses.

Files:
2 edited

Legend:

Unmodified
Added
Removed

  • src/gnutls_cache.c

    r3358887 r994200a  
    4242/** Session cache name */
    4343#define MGS_SESSION_CACHE_NAME "gnutls_session"
     44
     45/** Default type for OCSP cache */
     46#define DEFAULT_OCSP_CACHE_TYPE "shmcb"
     47/** Default config string for OCSP cache */
     48#define DEFAULT_OCSP_CACHE_CONF ""
    4449
    4550/** Maximum length of the hex string representation of a GnuTLS
     
    434439
    435440
    436 int mgs_cache_post_config(apr_pool_t *pconf,
    437                           apr_pool_t *ptemp __attribute__((unused)),
     441int mgs_cache_post_config(apr_pool_t *pconf, apr_pool_t *ptemp,
    438442                          server_rec *s, mgs_srvconf_rec *sc)
    439443{
    440444    apr_status_t rv = APR_SUCCESS;
     445
     446    /* If the OCSP cache is unconfigured initialize it with
     447     * defaults. */
     448    if (sc->ocsp_cache == NULL)
     449    {
     450        ap_log_error(APLOG_MARK, APLOG_DEBUG, rv, s,
     451                     "%s: OCSP cache unconfigured, using '%s:%s'.", __func__,
     452                     DEFAULT_OCSP_CACHE_TYPE, DEFAULT_OCSP_CACHE_CONF);
     453        const char *err = mgs_cache_inst_config(&sc->ocsp_cache, s,
     454                                                DEFAULT_OCSP_CACHE_TYPE,
     455                                                DEFAULT_OCSP_CACHE_CONF,
     456                                                pconf, ptemp);
     457        if (err != NULL)
     458            ap_log_error(APLOG_MARK, APLOG_WARNING, rv, s,
     459                         "%s: Configuring default OCSP cache '%s:%s' failed, "
     460                         "make sure that mod_socache_%s is loaded.", __func__,
     461                         DEFAULT_OCSP_CACHE_TYPE, DEFAULT_OCSP_CACHE_CONF,
     462                         DEFAULT_OCSP_CACHE_TYPE);
     463    }
    441464
    442465    /* Initialize the OCSP cache first so it's not skipped if the

  • test/tests/27_OCSP_server/apache.conf

    r3358887 r994200a  
    11Include ${srcdir}/base_apache.conf
    22GnuTLSCache ${DEFAULT_CACHE}
    3 GnuTLSOCSPCache shmcb
     3
     4# Leave GnuTLSOCSPCache unconfigured so the default shmcb cache is
     5# used
     6#GnuTLSOCSPCache shmcb
    47
    58<VirtualHost _default_:${TEST_PORT}>
Note: See TracChangeset for help on using the changeset viewer.