Diffstat (limited to 'src/gnutls_cache.c')
-rw-r--r-- | src/gnutls_cache.c | 97 |
1 files changed, 63 insertions, 34 deletions
diff --git a/src/gnutls_cache.c b/src/gnutls_cache.c index 4c094fa..83e7bb5 100644 --- a/src/gnutls_cache.c +++ b/src/gnutls_cache.c | |||
@@ -34,17 +34,16 @@ | |||
34 | 34 | ||
35 | 35 | ||
36 | #define MC_TAG "mod_gnutls:" | 36 | #define MC_TAG "mod_gnutls:" |
37 | #define MC_TAG_LEN \ | 37 | #define MC_TAG_LEN sizeof(MC_TAG) |
38 | (sizeof(MC_TAG)) | ||
39 | #define STR_SESSION_LEN (GNUTLS_SESSION_ID_STRING_LEN + MC_TAG_LEN) | 38 | #define STR_SESSION_LEN (GNUTLS_SESSION_ID_STRING_LEN + MC_TAG_LEN) |
40 | 39 | ||
41 | static char *gnutls_session_id2sz(unsigned char *id, int idlen, | 40 | char *mgs_session_id2sz(unsigned char *id, int idlen, |
42 | char *str, int strsize) | 41 | char *str, int strsize) |
43 | { | 42 | { |
44 | char *cp; | 43 | char *cp; |
45 | int n; | 44 | int n; |
46 | 45 | ||
47 | cp = apr_cpystrn(str, MC_TAG, MC_TAG_LEN); | 46 | cp = str; |
48 | for (n = 0; n < idlen && n < GNUTLS_MAX_SESSION_ID; n++) { | 47 | for (n = 0; n < idlen && n < GNUTLS_MAX_SESSION_ID; n++) { |
49 | apr_snprintf(cp, strsize - (cp-str), "%02X", id[n]); | 48 | apr_snprintf(cp, strsize - (cp-str), "%02X", id[n]); |
50 | cp += 2; | 49 | cp += 2; |
@@ -53,23 +52,58 @@ static char *gnutls_session_id2sz(unsigned char *id, int idlen, | |||
53 | return str; | 52 | return str; |
54 | } | 53 | } |
55 | 54 | ||
56 | char *mgs_session_id2sz(unsigned char *id, int idlen, | 55 | |
57 | char *str, int strsize) | 56 | /* Name the Session ID as: |
57 | * server:port.SessionID | ||
58 | * to disallow resuming sessions on different servers | ||
59 | */ | ||
60 | static int mgs_session_id2dbm(conn_rec* c, unsigned char *id, int idlen, | ||
61 | apr_datum_t* dbmkey) | ||
58 | { | 62 | { |
59 | char *cp; | 63 | char buf[STR_SESSION_LEN]; |
60 | int n; | 64 | char *sz; |
61 | 65 | ||
62 | cp = str; | 66 | sz = mgs_session_id2sz(id, idlen, buf, sizeof(buf)); |
63 | for (n = 0; n < idlen && n < GNUTLS_MAX_SESSION_ID; n++) { | 67 | if (sz == NULL) |
64 | apr_snprintf(cp, strsize - (cp-str), "%02X", id[n]); | 68 | return -1; |
65 | cp += 2; | 69 | |
66 | } | 70 | dbmkey->dptr = apr_psprintf(c->pool, "%s:%d.%s", c->base_server->server_hostname, c->base_server->port, sz); |
67 | *cp = '\0'; | 71 | dbmkey->dsize = strlen( dbmkey->dptr); |
68 | return str; | 72 | |
73 | return 0; | ||
69 | } | 74 | } |
70 | 75 | ||
76 | #define CTIME "%b %d %k:%M:%S %Y %Z" | ||
77 | char *mgs_time2sz(time_t in_time, char *str, int strsize) | ||
78 | { | ||
79 | apr_time_exp_t vtm; | ||
80 | apr_size_t ret_size; | ||
81 | apr_time_t t; | ||
82 | |||
83 | |||
84 | apr_time_ansi_put (&t, in_time); | ||
85 | apr_time_exp_gmt (&vtm, t); | ||
86 | apr_strftime(str, &ret_size, strsize-1, CTIME, &vtm); | ||
87 | |||
88 | return str; | ||
89 | } | ||
71 | 90 | ||
72 | #if HAVE_APR_MEMCACHE | 91 | #if HAVE_APR_MEMCACHE |
92 | /* Name the Session ID as: | ||
93 | * server:port.SessionID | ||
94 | * to disallow resuming sessions on different servers | ||
95 | */ | ||
96 | static char* mgs_session_id2mc(conn_rec* c, unsigned char *id, int idlen) | ||
97 | { | ||
98 | char buf[STR_SESSION_LEN]; | ||
99 | char *sz; | ||
100 | |||
101 | sz = mgs_session_id2sz(id, idlen, buf, sizeof(buf)); | ||
102 | if (sz == NULL) | ||
103 | return NULL; | ||
104 | |||
105 | return apr_psprintf(c->pool, MC_TAG"%s:%d.%s", c->base_server->server_hostname, c->base_server->port, sz); | ||
106 | } | ||
73 | 107 | ||
74 | /** | 108 | /** |
75 | * GnuTLS Session Cache using libmemcached | 109 | * GnuTLS Session Cache using libmemcached |
@@ -167,11 +201,10 @@ static int mc_cache_store(void* baton, gnutls_datum_t key, | |||
167 | { | 201 | { |
168 | apr_status_t rv = APR_SUCCESS; | 202 | apr_status_t rv = APR_SUCCESS; |
169 | mgs_handle_t *ctxt = baton; | 203 | mgs_handle_t *ctxt = baton; |
170 | char buf[STR_SESSION_LEN]; | ||
171 | char* strkey = NULL; | 204 | char* strkey = NULL; |
172 | apr_uint32_t timeout; | 205 | apr_uint32_t timeout; |
173 | 206 | ||
174 | strkey = gnutls_session_id2sz(key.data, key.size, buf, sizeof(buf)); | 207 | strkey = mgs_session_id2mc(ctxt->c, key.data, key.size); |
175 | if(!strkey) | 208 | if(!strkey) |
176 | return -1; | 209 | return -1; |
177 | 210 | ||
@@ -194,13 +227,12 @@ static gnutls_datum_t mc_cache_fetch(void* baton, gnutls_datum_t key) | |||
194 | { | 227 | { |
195 | apr_status_t rv = APR_SUCCESS; | 228 | apr_status_t rv = APR_SUCCESS; |
196 | mgs_handle_t *ctxt = baton; | 229 | mgs_handle_t *ctxt = baton; |
197 | char buf[STR_SESSION_LEN]; | ||
198 | char* strkey = NULL; | 230 | char* strkey = NULL; |
199 | char* value; | 231 | char* value; |
200 | apr_size_t value_len; | 232 | apr_size_t value_len; |
201 | gnutls_datum_t data = { NULL, 0 }; | 233 | gnutls_datum_t data = { NULL, 0 }; |
202 | 234 | ||
203 | strkey = gnutls_session_id2sz(key.data, key.size, buf, sizeof(buf)); | 235 | strkey = mgs_session_id2mc(ctxt->c, key.data, key.size); |
204 | if (!strkey) { | 236 | if (!strkey) { |
205 | return data; | 237 | return data; |
206 | } | 238 | } |
@@ -235,10 +267,9 @@ static int mc_cache_delete(void* baton, gnutls_datum_t key) | |||
235 | { | 267 | { |
236 | apr_status_t rv = APR_SUCCESS; | 268 | apr_status_t rv = APR_SUCCESS; |
237 | mgs_handle_t *ctxt = baton; | 269 | mgs_handle_t *ctxt = baton; |
238 | char buf[STR_SESSION_LEN]; | ||
239 | char* strkey = NULL; | 270 | char* strkey = NULL; |
240 | 271 | ||
241 | strkey = gnutls_session_id2sz(key.data, key.size, buf, sizeof(buf)); | 272 | strkey = mgs_session_id2mc(ctxt->c, key.data, key.size); |
242 | if(!strkey) | 273 | if(!strkey) |
243 | return -1; | 274 | return -1; |
244 | 275 | ||
@@ -349,10 +380,8 @@ static gnutls_datum_t dbm_cache_fetch(void* baton, gnutls_datum_t key) | |||
349 | mgs_handle_t *ctxt = baton; | 380 | mgs_handle_t *ctxt = baton; |
350 | apr_status_t rv; | 381 | apr_status_t rv; |
351 | 382 | ||
352 | dbmkey.dptr = key.data; | 383 | if (mgs_session_id2dbm(ctxt->c, key.data, key.size, &dbmkey) < 0) |
353 | dbmkey.dsize = key.size; | 384 | return data; |
354 | |||
355 | dbm_cache_expire(ctxt); | ||
356 | 385 | ||
357 | rv = apr_dbm_open(&dbm, ctxt->sc->cache_config, | 386 | rv = apr_dbm_open(&dbm, ctxt->sc->cache_config, |
358 | APR_DBM_RWCREATE, SSL_DBM_FILE_MODE, ctxt->c->pool); | 387 | APR_DBM_RWCREATE, SSL_DBM_FILE_MODE, ctxt->c->pool); |
@@ -398,9 +427,9 @@ static int dbm_cache_store(void* baton, gnutls_datum_t key, | |||
398 | mgs_handle_t *ctxt = baton; | 427 | mgs_handle_t *ctxt = baton; |
399 | apr_status_t rv; | 428 | apr_status_t rv; |
400 | apr_time_t expiry; | 429 | apr_time_t expiry; |
401 | 430 | ||
402 | dbmkey.dptr = (char *)key.data; | 431 | if (mgs_session_id2dbm(ctxt->c, key.data, key.size, &dbmkey) < 0) |
403 | dbmkey.dsize = key.size; | 432 | return -1; |
404 | 433 | ||
405 | /* create DBM value */ | 434 | /* create DBM value */ |
406 | dbmval.dsize = data.size + sizeof(apr_time_t); | 435 | dbmval.dsize = data.size + sizeof(apr_time_t); |
@@ -412,6 +441,8 @@ static int dbm_cache_store(void* baton, gnutls_datum_t key, | |||
412 | memcpy((char *)dbmval.dptr+sizeof(apr_time_t), | 441 | memcpy((char *)dbmval.dptr+sizeof(apr_time_t), |
413 | data.data, data.size); | 442 | data.data, data.size); |
414 | 443 | ||
444 | /* we expire dbm only on every store | ||
445 | */ | ||
415 | dbm_cache_expire(ctxt); | 446 | dbm_cache_expire(ctxt); |
416 | 447 | ||
417 | rv = apr_dbm_open(&dbm, ctxt->sc->cache_config, | 448 | rv = apr_dbm_open(&dbm, ctxt->sc->cache_config, |
@@ -450,12 +481,10 @@ static int dbm_cache_delete(void* baton, gnutls_datum_t key) | |||
450 | apr_datum_t dbmkey; | 481 | apr_datum_t dbmkey; |
451 | mgs_handle_t *ctxt = baton; | 482 | mgs_handle_t *ctxt = baton; |
452 | apr_status_t rv; | 483 | apr_status_t rv; |
453 | |||
454 | dbmkey.dptr = (char *)key.data; | ||
455 | dbmkey.dsize = key.size; | ||
456 | 484 | ||
457 | dbm_cache_expire(ctxt); | 485 | if (mgs_session_id2dbm(ctxt->c, key.data, key.size, &dbmkey) < 0) |
458 | 486 | return -1; | |
487 | |||
459 | rv = apr_dbm_open(&dbm, ctxt->sc->cache_config, | 488 | rv = apr_dbm_open(&dbm, ctxt->sc->cache_config, |
460 | APR_DBM_RWCREATE, SSL_DBM_FILE_MODE, ctxt->c->pool); | 489 | APR_DBM_RWCREATE, SSL_DBM_FILE_MODE, ctxt->c->pool); |
461 | if (rv != APR_SUCCESS) { | 490 | if (rv != APR_SUCCESS) { |
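Review bot: The `server:port.` prefix built in `mgs_session_id2dbm` and `mgs_session_id2mc` comes from `c->base_server`, which in httpd is the server record for the address and port the connection arrived on, so name-based virtual hosts sharing one listener would still produce identical cache keys and the separation promised by the new comment would not hold between them. If the module selects a virtual host during the handshake (not visible in this section), build the prefix from that server's hostname and port instead; otherwise state the real scope in the comment, e.g. `/* key is scoped to the listener (base server), not to a name-based vhost */`. In the same hunk, `mgs_time2sz` checks neither the status nor `ret_size` from `apr_strftime`, and as with `strftime` a result that does not fit leaves `str` without a guaranteed terminator while the function still returns it. Assuming callers pass `strsize >= 1`, replacing the bare call with `if (apr_strftime(str, &ret_size, strsize-1, CTIME, &vtm) != APR_SUCCESS || ret_size == 0) str[0] = '\0';` would keep them from printing unterminated memory.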