1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * _ __ ___ ___ __| | ___ ___| | mod_ssl
19 * | '_ ` _ \ / _ \ / _` | / __/ __| | Apache Interface to OpenSSL
20 * | | | | | | (_) | (_| | \__ \__ \ |
21 * |_| |_| |_|\___/ \__,_|___|___/___/_|
24 * Session Cache Abstraction
26 /* ``Open-Source Software: generous
27 programmers from around the world all
28 join forces to help you shoot
29 yourself in the foot for free.''
33 /* _________________________________________________________________
35 ** Session Cache: Common Abstraction Layer
36 ** _________________________________________________________________
39 void ssl_scache_init(server_rec *s, apr_pool_t *p)
41 SSLModConfigRec *mc = myModConfig(s);
44 * Warn the user that he should use the session cache.
45 * But we can operate without it, of course.
47 if (mc->nSessionCacheMode == SSL_SCMODE_UNSET) {
48 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
49 "Init: Session Cache is not configured "
50 "[hint: SSLSessionCache]");
51 mc->nSessionCacheMode = SSL_SCMODE_NONE;
55 if (mc->nSessionCacheMode == SSL_SCMODE_DBM)
56 ssl_scache_dbm_init(s, p);
57 else if ((mc->nSessionCacheMode == SSL_SCMODE_SHMHT) ||
58 (mc->nSessionCacheMode == SSL_SCMODE_SHMCB)) {
60 const char *userdata_key = "ssl_scache_init";
62 apr_pool_userdata_get(&data, userdata_key, s->process->pool);
64 apr_pool_userdata_set((const void *)1, userdata_key,
65 apr_pool_cleanup_null, s->process->pool);
68 if (mc->nSessionCacheMode == SSL_SCMODE_SHMHT)
69 ssl_scache_shmht_init(s, p);
70 else if (mc->nSessionCacheMode == SSL_SCMODE_SHMCB)
71 ssl_scache_shmcb_init(s, p);
75 void ssl_scache_kill(server_rec *s)
77 SSLModConfigRec *mc = myModConfig(s);
79 if (mc->nSessionCacheMode == SSL_SCMODE_DBM)
80 ssl_scache_dbm_kill(s);
81 else if (mc->nSessionCacheMode == SSL_SCMODE_SHMHT)
82 ssl_scache_shmht_kill(s);
83 else if (mc->nSessionCacheMode == SSL_SCMODE_SHMCB)
84 ssl_scache_shmcb_kill(s);
88 BOOL ssl_scache_store(server_rec *s, UCHAR *id, int idlen, time_t expiry, SSL_SESSION *sess)
90 SSLModConfigRec *mc = myModConfig(s);
93 if (mc->nSessionCacheMode == SSL_SCMODE_DBM)
94 rv = ssl_scache_dbm_store(s, id, idlen, expiry, sess);
95 else if (mc->nSessionCacheMode == SSL_SCMODE_SHMHT)
96 rv = ssl_scache_shmht_store(s, id, idlen, expiry, sess);
97 else if (mc->nSessionCacheMode == SSL_SCMODE_SHMCB)
98 rv = ssl_scache_shmcb_store(s, id, idlen, expiry, sess);
102 SSL_SESSION *ssl_scache_retrieve(server_rec *s, UCHAR *id, int idlen)
104 SSLModConfigRec *mc = myModConfig(s);
105 SSL_SESSION *sess = NULL;
107 if (mc->nSessionCacheMode == SSL_SCMODE_DBM)
108 sess = ssl_scache_dbm_retrieve(s, id, idlen);
109 else if (mc->nSessionCacheMode == SSL_SCMODE_SHMHT)
110 sess = ssl_scache_shmht_retrieve(s, id, idlen);
111 else if (mc->nSessionCacheMode == SSL_SCMODE_SHMCB)
112 sess = ssl_scache_shmcb_retrieve(s, id, idlen);
116 void ssl_scache_remove(server_rec *s, UCHAR *id, int idlen)
118 SSLModConfigRec *mc = myModConfig(s);
120 if (mc->nSessionCacheMode == SSL_SCMODE_DBM)
121 ssl_scache_dbm_remove(s, id, idlen);
122 else if (mc->nSessionCacheMode == SSL_SCMODE_SHMHT)
123 ssl_scache_shmht_remove(s, id, idlen);
124 else if (mc->nSessionCacheMode == SSL_SCMODE_SHMCB)
125 ssl_scache_shmcb_remove(s, id, idlen);
129 void ssl_scache_status(server_rec *s, apr_pool_t *p, void (*func)(char *, void *), void *arg)
131 SSLModConfigRec *mc = myModConfig(s);
133 if (mc->nSessionCacheMode == SSL_SCMODE_DBM)
134 ssl_scache_dbm_status(s, p, func, arg);
135 else if (mc->nSessionCacheMode == SSL_SCMODE_SHMHT)
136 ssl_scache_shmht_status(s, p, func, arg);
137 else if (mc->nSessionCacheMode == SSL_SCMODE_SHMCB)
138 ssl_scache_shmcb_status(s, p, func, arg);
142 void ssl_scache_expire(server_rec *s)
144 SSLModConfigRec *mc = myModConfig(s);
146 if (mc->nSessionCacheMode == SSL_SCMODE_DBM)
147 ssl_scache_dbm_expire(s);
148 else if (mc->nSessionCacheMode == SSL_SCMODE_SHMHT)
149 ssl_scache_shmht_expire(s);
150 else if (mc->nSessionCacheMode == SSL_SCMODE_SHMCB)
151 ssl_scache_shmcb_expire(s);
155 /* _________________________________________________________________
157 ** SSL Extension to mod_status
158 ** _________________________________________________________________
161 static void ssl_ext_ms_display(request_rec *, int, int);
163 void ssl_scache_status_register(apr_pool_t *p)
165 /* XXX point mod_status to this update, when it grows the opt fn */
167 ap_hook_register("ap::mod_status::display", ssl_ext_ms_display, AP_HOOK_NOCTX);
172 static void ssl_ext_ms_display_cb(char *str, void *_r)
174 request_rec *r = (request_rec *)_r;
180 static void ssl_ext_ms_display(request_rec *r, int no_table_report, int short_report)
182 SSLSrvConfigRec *sc = mySrvConfig(r->server);
188 ap_rputs("<hr>\n", r);
189 ap_rputs("<table cellspacing=0 cellpadding=0>\n", r);
190 ap_rputs("<tr><td bgcolor=\"#000000\">\n", r);
191 ap_rputs("<b><font color=\"#ffffff\" face=\"Arial,Helvetica\">SSL/TLS Session Cache Status:</font></b>\r", r);
192 ap_rputs("</td></tr>\n", r);
193 ap_rputs("<tr><td bgcolor=\"#ffffff\">\n", r);
194 ssl_scache_status(r->server, r->pool, ssl_ext_ms_display_cb, r);
195 ap_rputs("</td></tr>\n", r);
196 ap_rputs("</table>\n", r);