Changeset c005645 in mod_gnutls for src/gnutls_hooks.c


Ignore:
Timestamp:
Jun 8, 2016, 3:31:29 PM (4 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, master, proxy-ticket, upstream
Children:
c55902b
Parents:
eb63377
Message:

Mutex for DBM cache access

I noticed that with a DBM cache enabled and session tickets disabled
even a handful of parallel connections trashed the cache database, and
consequently the error log. According to comments and documentation on
mod_socache_dbm the APR DBM module is not thread or multi-process
safe, so a global mutex is necessary. With the mutex the cache
corruption disappears in my benchmarks.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • src/gnutls_hooks.c

    reb63377 rc005645  
    2626#include "ap_mpm.h"
    2727#include "mod_status.h"
     28#include <util_mutex.h>
    2829
    2930#ifdef ENABLE_MSVA
     
    124125    AP_OPTIONAL_HOOK(status_hook, mgs_status_hook, NULL, NULL, APR_HOOK_MIDDLE);
    125126
    126         /* Register a pool clean-up function */
     127    ap_mutex_register(pconf, MGS_CACHE_MUTEX_NAME, NULL, APR_LOCK_DEFAULT, 0);
     128
     129    /* Register a pool clean-up function */
    127130    apr_pool_cleanup_register(pconf, NULL, mgs_cleanup_pre_config, apr_pool_cleanup_null);
    128131
     
    331334
    332335    rv = mgs_cache_post_config(pconf, s, sc_base);
    333     if (rv != 0) {
     336    if (rv != APR_SUCCESS)
     337    {
    334338        ap_log_error(APLOG_MARK, APLOG_STARTUP, rv, s,
    335                 "GnuTLS: Post Config for GnuTLSCache Failed."
    336                 " Shutting Down.");
     339                     "Post config for cache failed.");
    337340        return HTTP_INSUFFICIENT_STORAGE;
    338341    }
     
    371374        sc->cache_config = sc_base->cache_config;
    372375        sc->cache_timeout = sc_base->cache_timeout;
     376        sc->cache_mutex = sc_base->cache_mutex;
    373377
    374378        rv = mgs_load_files(pconf, s);
     
    495499}
    496500
    497 void mgs_hook_child_init(apr_pool_t * p, server_rec *s) {
     501void mgs_hook_child_init(apr_pool_t *p, server_rec *s)
     502{
    498503    apr_status_t rv = APR_SUCCESS;
    499     mgs_srvconf_rec *sc =
    500         (mgs_srvconf_rec *) ap_get_module_config(s->module_config, &gnutls_module);
     504    mgs_srvconf_rec *sc = (mgs_srvconf_rec *)
     505        ap_get_module_config(s->module_config, &gnutls_module);
    501506
    502507    _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
     508
    503509    /* if we use PKCS #11 reinitialize it */
    504 
    505510    if (mgs_pkcs11_reinit(s) < 0) {
    506511            ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
     
    516521        }
    517522    }
     523
     524    /* reinit cache mutex */
     525    if (sc->cache_mutex != NULL)
     526    {
     527        const char *lockfile = apr_global_mutex_lockfile(sc->cache_mutex);
     528        rv = apr_global_mutex_child_init(&sc->cache_mutex, lockfile, p);
     529        if (rv != APR_SUCCESS)
     530            ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
     531                         "Failed to reinit mutex '%s'", MGS_CACHE_MUTEX_NAME);
     532    }
     533
    518534    /* Block SIGPIPE Signals */
    519535    rv = apr_signal_block(SIGPIPE);
Note: See TracChangeset for help on using the changeset viewer.