1/* Licensed to the Apache Software Foundation (ASF) under one or more 2 * contributor license agreements. See the NOTICE file distributed with 3 * this work for additional information regarding copyright ownership. 4 * The ASF licenses this file to You under the Apache License, Version 2.0 5 * (the "License"); you may not use this file except in compliance with 6 * the License. You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17/* _ _ 18 * _ __ ___ ___ __| | ___ ___| | mod_ssl 19 * | '_ ` _ \ / _ \ / _` | / __/ __| | Apache Interface to OpenSSL 20 * | | | | | | (_) | (_| | \__ \__ \ | 21 * |_| |_| |_|\___/ \__,_|___|___/___/_| 22 * |_____| 23 * ssl_engine_mutex.c 24 * Semaphore for Mutual Exclusion 25 */ 26 /* ``Real programmers confuse 27 Christmas and Halloween 28 because DEC 25 = OCT 31.'' 29 -- Unknown */ 30 31#include "ssl_private.h" 32 33#ifdef AP_NEED_SET_MUTEX_PERMS 34#include "unixd.h" 35#endif 36 37int ssl_mutex_init(server_rec *s, apr_pool_t *p) 38{ 39 SSLModConfigRec *mc = myModConfig(s); 40 apr_status_t rv; 41 42 if (mc->nMutexMode == SSL_MUTEXMODE_NONE) 43 return TRUE; 44 45 if (mc->pMutex) { 46 return TRUE; 47 } 48 if ((rv = apr_global_mutex_create(&mc->pMutex, mc->szMutexFile, 49 mc->nMutexMech, s->process->pool)) 50 != APR_SUCCESS) { 51 if (mc->szMutexFile) 52 ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, 53 "Cannot create SSLMutex with file `%s'", 54 mc->szMutexFile); 55 else 56 ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, 57 "Cannot create SSLMutex"); 58 return FALSE; 59 } 60 61#ifdef AP_NEED_SET_MUTEX_PERMS 62 rv = unixd_set_global_mutex_perms(mc->pMutex); 63 if (rv != APR_SUCCESS) { 64 ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, 65 "Could not set permissions on ssl_mutex; check User " 66 "and Group directives"); 67 return FALSE; 68 } 69#endif 70 return TRUE; 71} 72 73int ssl_mutex_reinit(server_rec *s, apr_pool_t *p) 74{ 75 SSLModConfigRec *mc = myModConfig(s); 76 apr_status_t rv; 77 78 if (mc->nMutexMode == SSL_MUTEXMODE_NONE) 79 return TRUE; 80 81 if ((rv = apr_global_mutex_child_init(&mc->pMutex, 82 mc->szMutexFile, p)) != APR_SUCCESS) { 83 if (mc->szMutexFile) 84 ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, 85 "Cannot reinit SSLMutex with file `%s'", 86 mc->szMutexFile); 87 else 88 ap_log_error(APLOG_MARK, APLOG_WARNING, rv, s, 89 "Cannot reinit SSLMutex"); 90 return FALSE; 91 } 92 return TRUE; 93} 94 95int ssl_mutex_on(server_rec *s) 96{ 97 SSLModConfigRec *mc = myModConfig(s); 98 apr_status_t rv; 99 100 if (mc->nMutexMode == SSL_MUTEXMODE_NONE) 101 return TRUE; 102 if ((rv = apr_global_mutex_lock(mc->pMutex)) != APR_SUCCESS) { 103 ap_log_error(APLOG_MARK, APLOG_WARNING, rv, s, 104 "Failed to acquire SSL session cache lock"); 105 return FALSE; 106 } 107 return TRUE; 108} 109 110int ssl_mutex_off(server_rec *s) 111{ 112 SSLModConfigRec *mc = myModConfig(s); 113 apr_status_t rv; 114 115 if (mc->nMutexMode == SSL_MUTEXMODE_NONE) 116 return TRUE; 117 if ((rv = apr_global_mutex_unlock(mc->pMutex)) != APR_SUCCESS) { 118 ap_log_error(APLOG_MARK, APLOG_WARNING, rv, s, 119 "Failed to release SSL session cache lock"); 120 return FALSE; 121 } 122 return TRUE; 123} 124 125