Changeset d6834e0 in mod_gnutls for src/gnutls_ocsp.h


Ignore:
Timestamp:
Jun 10, 2016, 9:34:08 AM (4 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, master, upstream
Children:
15b22cb
Parents:
aa68232
git-author:
Thomas Klute <thomas2.klute@…> (06/10/16 09:29:57)
git-committer:
Thomas Klute <thomas2.klute@…> (06/10/16 09:34:08)
Message:

OCSP refresh mutex: Prevent parallel requests

Add a global mutex which a thread must hold before updating a cached
OCSP response. This avoids two threads updating the same response in
parallel. The impact of parallel updates may be small with the
experimental file-based mechanism, but an extra OCSP request over HTTP
would add a lot of overhead.

Note that the new 'gnutls-ocsp' mutex is a global mutex, not one per
virtual host, because a mutex must be registered in pre_config for the
Mutex directive to work.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • src/gnutls_ocsp.h

    raa68232 rd6834e0  
    2222#include "httpd.h"
    2323#include "http_config.h"
     24
     25#define MGS_OCSP_MUTEX_NAME "gnutls-ocsp"
    2426
    2527const char *mgs_store_ocsp_response_path(cmd_parms * parms,
Note: See TracChangeset for help on using the changeset viewer.