[Fedora-directory-commits] mod_nss nss_engine_init.c,1.22,1.23 - 389-commits - Fedora mailing-lists

24 Aug 2006

Author: rcritten
Update of /cvs/dirsec/mod_nss
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31338
Modified Files:
    nss_engine_init.c 
Log Message:
Initialize the NSS cache before NSS_Init is called. A race condition
was being triggered during the first module unload when calling
NSS_Shutdown because the cache wasn't finished setting itself up
in MP mode.
Index: nss_engine_init.c
===================================================================
RCS file: /cvs/dirsec/mod_nss/nss_engine_init.c,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23

--- nss_engine_init.c	2 Aug 2006 18:59:12 -0000	1.22
+++ nss_engine_init.c	24 Aug 2006 15:50:20 -0000	1.23
@@ -205,6 +205,14 @@
     /* Set the PKCS #11 strings for the internal token. */
     PK11_ConfigurePKCS11(NULL,NULL,NULL, INTERNAL_TOKEN_NAME, NULL, NULL,NULL,NULL,8,1);
+    ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,
+        "Initializing SSL Session Cache of size %d. SSL2 timeout = %d, SSL3/TLS timeout = %d.", mc->session_cache_size, mc->session_cache_timeout, mc->ssl3_session_cache_timeout);
+    ap_mpm_query(AP_MPMQ_IS_FORKED, &forked);
+    if (forked)
+        SSL_ConfigMPServerSIDCache(mc->session_cache_size, (PRUint32) mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL);
+    else
+        SSL_ConfigServerSessionIDCache(mc->session_cache_size, (PRUint32) mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL);
+
     /* We need to be in the same directory as libnssckbi.so to load the
      * root certificates properly.
      */
@@ -268,14 +276,6 @@
         nss_die();
     }
-    ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,
-        "Initializing SSL Session Cache of size %d. SSL2 timeout = %d, SSL3/TLS timeout = %d.", mc->session_cache_size, mc->session_cache_timeout, mc->ssl3_session_cache_timeout);
-    ap_mpm_query(AP_MPMQ_IS_FORKED, &forked);
-    if (forked)
-        SSL_ConfigMPServerSIDCache(mc->session_cache_size, (PRUint32) mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL);
-    else
-        SSL_ConfigServerSessionIDCache(mc->session_cache_size, (PRUint32) mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL);
-
     if (ocspenabled) {
         CERT_EnableOCSPChecking(CERT_GetDefaultCertDB());
         ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,

    