On Mon, Sep 10, 2007 at 09:47:24PM +0200, Ruediger Pluem wrote:
> On 09/10/2007 08:40 AM, Plüm wrote:
> > That was the goal of my diagnostic patch: Finding out if we have a pool
> > issue. Looks like we have. I guess the right fix is as you say
> > to use the parent pool (process scope).
>
> Not 100% sure regarding the correct pool, but would that be the correct fix
That's not really thread-safe, and it ought to be, though we might get
away with it since it's called during startup. But rather than guessing
pools, actually caching the stuff once at startup is probably cleanest,
e.g.:
Index: ssl_private.h
===================================================================
--- ssl_private.h (revision 574523)
+++ ssl_private.h (working copy)
@@ -680,7 +680,7 @@
void ssl_log_ssl_error(const char *, int, int, server_rec *);
/** Variables */
-void ssl_var_register(void);
+void ssl_var_register(apr_pool_t *p);
char *ssl_var_lookup(apr_pool_t *, server_rec *, conn_rec *,
request_rec *, char *);
apr_array_header_t *ssl_ext_list(apr_pool_t *p, conn_rec *c, int peer, const
char *extension);
Index: ssl_engine_vars.c
===================================================================
--- ssl_engine_vars.c (revision 574523)
+++ ssl_engine_vars.c (working copy)
@@ -58,12 +58,32 @@
return sslconn && sslconn->ssl;
}
-void ssl_var_register(void)
+static const char var_interface[] = "mod_ssl/" MOD_SSL_VERSION;
+static char var_library_interface[] = SSL_LIBRARY_TEXT;
+static char *var_library = NULL;
+
+void ssl_var_register(apr_pool_t *p)
{
+ char *cp, *cp2;
+
APR_REGISTER_OPTIONAL_FN(ssl_is_https);
APR_REGISTER_OPTIONAL_FN(ssl_var_lookup);
APR_REGISTER_OPTIONAL_FN(ssl_ext_list);
- return;
+
+ /* Perform once-per-process library version determination: */
+ var_library = apr_pstrdup(p, SSL_LIBRARY_DYNTEXT);
+
+ if ((cp = strchr(var_library, ' ')) != NULL) {
+ *cp = '/';
+ if ((cp2 = strchr(cp, ' ')) != NULL)
+ *cp2 = NUL;
+ }
+
+ if ((cp = strchr(var_library_interface, ' ')) != NULL) {
+ *cp = '/';
+ if ((cp2 = strchr(cp, ' ')) != NULL)
+ *cp2 = NUL;
+ }
}
/* This function must remain safe to use for a non-SSL connection. */
@@ -635,34 +655,16 @@
static char *ssl_var_lookup_ssl_version(apr_pool_t *p, char *var)
{
- static const char interface[] = "mod_ssl/" MOD_SSL_VERSION;
- static char library_interface[] = SSL_LIBRARY_TEXT;
- static char *library = NULL;
char *result;
- if (!library) {
- char *cp, *cp2;
- library = apr_pstrdup(p, SSL_LIBRARY_DYNTEXT);
- if ((cp = strchr(library, ' ')) != NULL) {
- *cp = '/';
- if ((cp2 = strchr(cp, ' ')) != NULL)
- *cp2 = NUL;
- }
- if ((cp = strchr(library_interface, ' ')) != NULL) {
- *cp = '/';
- if ((cp2 = strchr(cp, ' ')) != NULL)
- *cp2 = NUL;
- }
- }
-
if (strEQ(var, "INTERFACE")) {
- result = apr_pstrdup(p, interface);
+ result = apr_pstrdup(p, var_interface);
}
else if (strEQ(var, "LIBRARY_INTERFACE")) {
- result = apr_pstrdup(p, library_interface);
+ result = apr_pstrdup(p, var_library_interface);
}
else if (strEQ(var, "LIBRARY")) {
- result = apr_pstrdup(p, library);
+ result = apr_pstrdup(p, var_library);
}
else {
result = NULL;
Index: mod_ssl.c
===================================================================
--- mod_ssl.c (revision 574523)
+++ mod_ssl.c (working copy)
@@ -482,7 +482,7 @@
ap_hook_insert_filter (ssl_hook_Insert_Filter, NULL,NULL, APR_HOOK_MIDDLE);
/* ap_hook_handler (ssl_hook_Upgrade, NULL,NULL,
APR_HOOK_MIDDLE); */
- ssl_var_register();
+ ssl_var_register(p);
APR_REGISTER_OPTIONAL_FN(ssl_proxy_enable);
APR_REGISTER_OPTIONAL_FN(ssl_engine_disable);
