[Pkg-fedora-ds-maintainers] [libapache2-mod-nss] 76/156: Initialize the NSS cache before NSS_Init is called. A race condition was being triggered during the first module unload when calling NSS_Shutdown because the cache wasn't finished setting itself up in MP mode.
Timo Aaltonen
tjaalton-guest at moszumanska.debian.org
Wed Jul 2 13:55:30 UTC 2014
This is an automated email from the git hooks/post-receive script.
tjaalton-guest pushed a commit to branch master
in repository libapache2-mod-nss.
commit 09e567625d7ed4fcd9de834c6c41e86967e0adce
Author: rcritten <>
Date: Thu Aug 24 15:50:20 2006 +0000
Initialize the NSS cache before NSS_Init is called. A race condition
was being triggered during the first module unload when calling
NSS_Shutdown because the cache wasn't finished setting itself up
in MP mode.
---
nss_engine_init.c | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/nss_engine_init.c b/nss_engine_init.c
index e09b077..6e588d5 100644
--- a/nss_engine_init.c
+++ b/nss_engine_init.c
@@ -205,6 +205,14 @@ static void nss_init_SSLLibrary(server_rec *s, int sslenabled, int fipsenabled,
/* Set the PKCS #11 strings for the internal token. */
PK11_ConfigurePKCS11(NULL,NULL,NULL, INTERNAL_TOKEN_NAME, NULL, NULL,NULL,NULL,8,1);
+ ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,
+ "Initializing SSL Session Cache of size %d. SSL2 timeout = %d, SSL3/TLS timeout = %d.", mc->session_cache_size, mc->session_cache_timeout, mc->ssl3_session_cache_timeout);
+ ap_mpm_query(AP_MPMQ_IS_FORKED, &forked);
+ if (forked)
+ SSL_ConfigMPServerSIDCache(mc->session_cache_size, (PRUint32) mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL);
+ else
+ SSL_ConfigServerSessionIDCache(mc->session_cache_size, (PRUint32) mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL);
+
/* We need to be in the same directory as libnssckbi.so to load the
* root certificates properly.
*/
@@ -268,14 +276,6 @@ static void nss_init_SSLLibrary(server_rec *s, int sslenabled, int fipsenabled,
nss_die();
}
- ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,
- "Initializing SSL Session Cache of size %d. SSL2 timeout = %d, SSL3/TLS timeout = %d.", mc->session_cache_size, mc->session_cache_timeout, mc->ssl3_session_cache_timeout);
- ap_mpm_query(AP_MPMQ_IS_FORKED, &forked);
- if (forked)
- SSL_ConfigMPServerSIDCache(mc->session_cache_size, (PRUint32) mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL);
- else
- SSL_ConfigServerSessionIDCache(mc->session_cache_size, (PRUint32) mc->session_cache_timeout, (PRUint32) mc->ssl3_session_cache_timeout, NULL);
-
if (ocspenabled) {
CERT_EnableOCSPChecking(CERT_GetDefaultCertDB());
ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-fedora-ds/libapache2-mod-nss.git
More information about the Pkg-fedora-ds-maintainers
mailing list