1/* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements.  See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License.  You may obtain a copy of the License at
7 *
8 *     http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17/*                      _             _
18 *  _ __ ___   ___   __| |    ___ ___| |  mod_ssl
19 * | '_ ` _ \ / _ \ / _` |   / __/ __| |  Apache Interface to OpenSSL
20 * | | | | | | (_) | (_| |   \__ \__ \ |
21 * |_| |_| |_|\___/ \__,_|___|___/___/_|
22 *                      |_____|
23 *  ssl_engine_mutex.c
24 *  Semaphore for Mutual Exclusion
25 */
26                             /* ``Real programmers confuse
27                                  Christmas and Halloween
28                                  because DEC 25 = OCT 31.''
29                                             -- Unknown     */
30
31#include "ssl_private.h"
32
33int ssl_mutex_init(server_rec *s, apr_pool_t *p)
34{
35    SSLModConfigRec *mc = myModConfig(s);
36    apr_status_t rv;
37
38    /* A mutex is only needed if a session cache is configured, and
39     * the provider used is not internally multi-process/thread
40     * safe. */
41    if (!mc->sesscache
42        || (mc->sesscache->flags & AP_SOCACHE_FLAG_NOTMPSAFE) == 0) {
43        return TRUE;
44    }
45
46    if (mc->pMutex) {
47        return TRUE;
48    }
49
50    if ((rv = ap_global_mutex_create(&mc->pMutex, NULL, SSL_CACHE_MUTEX_TYPE,
51                                     NULL, s, s->process->pool, 0))
52            != APR_SUCCESS) {
53        return FALSE;
54    }
55
56    return TRUE;
57}
58
59int ssl_mutex_reinit(server_rec *s, apr_pool_t *p)
60{
61    SSLModConfigRec *mc = myModConfig(s);
62    apr_status_t rv;
63    const char *lockfile;
64
65    if (mc->pMutex == NULL || !mc->sesscache
66        || (mc->sesscache->flags & AP_SOCACHE_FLAG_NOTMPSAFE) == 0) {
67        return TRUE;
68    }
69
70    lockfile = apr_global_mutex_lockfile(mc->pMutex);
71    if ((rv = apr_global_mutex_child_init(&mc->pMutex,
72                                          lockfile,
73                                          p)) != APR_SUCCESS) {
74        if (lockfile)
75            ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(02024)
76                         "Cannot reinit %s mutex with file `%s'",
77                         SSL_CACHE_MUTEX_TYPE, lockfile);
78        else
79            ap_log_error(APLOG_MARK, APLOG_WARNING, rv, s, APLOGNO(02025)
80                         "Cannot reinit %s mutex", SSL_CACHE_MUTEX_TYPE);
81        return FALSE;
82    }
83    return TRUE;
84}
85
86int ssl_mutex_on(server_rec *s)
87{
88    SSLModConfigRec *mc = myModConfig(s);
89    apr_status_t rv;
90
91    if ((rv = apr_global_mutex_lock(mc->pMutex)) != APR_SUCCESS) {
92        ap_log_error(APLOG_MARK, APLOG_WARNING, rv, s, APLOGNO(02026)
93                     "Failed to acquire SSL session cache lock");
94        return FALSE;
95    }
96    return TRUE;
97}
98
99int ssl_mutex_off(server_rec *s)
100{
101    SSLModConfigRec *mc = myModConfig(s);
102    apr_status_t rv;
103
104    if ((rv = apr_global_mutex_unlock(mc->pMutex)) != APR_SUCCESS) {
105        ap_log_error(APLOG_MARK, APLOG_WARNING, rv, s, APLOGNO(02027)
106                     "Failed to release SSL session cache lock");
107        return FALSE;
108    }
109    return TRUE;
110}
111
112