| OLD | NEW |
| 1 /* This file implements the SERVER Session ID cache. | 1 /* This file implements the SERVER Session ID cache. |
| 2 * NOTE: The contents of this file are NOT used by the client. | 2 * NOTE: The contents of this file are NOT used by the client. |
| 3 * | 3 * |
| 4 * ***** BEGIN LICENSE BLOCK ***** | 4 * ***** BEGIN LICENSE BLOCK ***** |
| 5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| 6 * | 6 * |
| 7 * The contents of this file are subject to the Mozilla Public License Version | 7 * The contents of this file are subject to the Mozilla Public License Version |
| 8 * 1.1 (the "License"); you may not use this file except in compliance with | 8 * 1.1 (the "License"); you may not use this file except in compliance with |
| 9 * the License. You may obtain a copy of the License at | 9 * the License. You may obtain a copy of the License at |
| 10 * http://www.mozilla.org/MPL/ | 10 * http://www.mozilla.org/MPL/ |
| (...skipping 18 matching lines...) Expand all Loading... |
| 29 * in which case the provisions of the GPL or the LGPL are applicable instead | 29 * in which case the provisions of the GPL or the LGPL are applicable instead |
| 30 * of those above. If you wish to allow use of your version of this file only | 30 * of those above. If you wish to allow use of your version of this file only |
| 31 * under the terms of either the GPL or the LGPL, and not to allow others to | 31 * under the terms of either the GPL or the LGPL, and not to allow others to |
| 32 * use your version of this file under the terms of the MPL, indicate your | 32 * use your version of this file under the terms of the MPL, indicate your |
| 33 * decision by deleting the provisions above and replace them with the notice | 33 * decision by deleting the provisions above and replace them with the notice |
| 34 * and other provisions required by the GPL or the LGPL. If you do not delete | 34 * and other provisions required by the GPL or the LGPL. If you do not delete |
| 35 * the provisions above, a recipient may use your version of this file under | 35 * the provisions above, a recipient may use your version of this file under |
| 36 * the terms of any one of the MPL, the GPL or the LGPL. | 36 * the terms of any one of the MPL, the GPL or the LGPL. |
| 37 * | 37 * |
| 38 * ***** END LICENSE BLOCK ***** */ | 38 * ***** END LICENSE BLOCK ***** */ |
| 39 /* $Id: sslsnce.c,v 1.52 2010/01/14 22:15:25 alexei.volkov.bugs%sun.com Exp $ */ | 39 /* $Id: sslsnce.c,v 1.54 2010/07/05 19:31:56 alexei.volkov.bugs%sun.com Exp $ */ |
| 40 | 40 |
| 41 /* Note: ssl_FreeSID() in sslnonce.c gets used for both client and server | 41 /* Note: ssl_FreeSID() in sslnonce.c gets used for both client and server |
| 42 * cache sids! | 42 * cache sids! |
| 43 * | 43 * |
| 44 * About record locking among different server processes: | 44 * About record locking among different server processes: |
| 45 * | 45 * |
| 46 * All processes that are part of the same conceptual server (serving on | 46 * All processes that are part of the same conceptual server (serving on |
| 47 * the same address and port) MUST share a common SSL session cache. | 47 * the same address and port) MUST share a common SSL session cache. |
| 48 * This code makes the content of the shared cache accessible to all | 48 * This code makes the content of the shared cache accessible to all |
| 49 * processes on the same "server". This code works on Unix and Win32 only. | 49 * processes on the same "server". This code works on Unix and Win32 only. |
| (...skipping 763 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 813 UnlockSidCacheLock(cache->certCacheLock); | 813 UnlockSidCacheLock(cache->certCacheLock); |
| 814 } else { | 814 } else { |
| 815 /* what the ??. Didn't get the cert cache lock. | 815 /* what the ??. Didn't get the cert cache lock. |
| 816 ** Don't invalidate the SID cache entry, but don't find it. | 816 ** Don't invalidate the SID cache entry, but don't find it. |
| 817 */ | 817 */ |
| 818 PORT_Assert(!("Didn't get cert Cache Lock!")); | 818 PORT_Assert(!("Didn't get cert Cache Lock!")); |
| 819 psce = 0; | 819 psce = 0; |
| 820 pcce = 0; | 820 pcce = 0; |
| 821 } | 821 } |
| 822 } | 822 } |
| 823 if ((cndx = psce->u.ssl3.srvNameIndex) != -1) { | 823 if (psce && ((cndx = psce->u.ssl3.srvNameIndex) != -1)) { |
| 824 PRUint32 gotLock = LockSidCacheLock(cache->srvNameCacheLock, | 824 PRUint32 gotLock = LockSidCacheLock(cache->srvNameCacheLock, |
| 825 now); | 825 now); |
| 826 if (gotLock) { | 826 if (gotLock) { |
| 827 psnce = &cache->srvNameCacheData[cndx]; | 827 psnce = &cache->srvNameCacheData[cndx]; |
| 828 | 828 |
| 829 if (!PORT_Memcmp(psnce->nameHash, psce->u.ssl3.srvNameHash, | 829 if (!PORT_Memcmp(psnce->nameHash, psce->u.ssl3.srvNameHash, |
| 830 SHA256_LENGTH)) { | 830 SHA256_LENGTH)) { |
| 831 snce = *psnce; | 831 snce = *psnce; |
| 832 } else { | 832 } else { |
| 833 /* The name doesen't match the SID cache entry, | 833 /* The name doesen't match the SID cache entry, |
| (...skipping 263 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1097 cache->numSIDCacheSets * SID_CACHE_ENTRIES_PER_SET; | 1097 cache->numSIDCacheSets * SID_CACHE_ENTRIES_PER_SET; |
| 1098 | 1098 |
| 1099 cache->numSIDCacheLocks = | 1099 cache->numSIDCacheLocks = |
| 1100 PR_MIN(cache->numSIDCacheSets, ssl_max_sid_cache_locks); | 1100 PR_MIN(cache->numSIDCacheSets, ssl_max_sid_cache_locks); |
| 1101 | 1101 |
| 1102 cache->numSIDCacheSetsPerLock = | 1102 cache->numSIDCacheSetsPerLock = |
| 1103 SID_HOWMANY(cache->numSIDCacheSets, cache->numSIDCacheLocks); | 1103 SID_HOWMANY(cache->numSIDCacheSets, cache->numSIDCacheLocks); |
| 1104 | 1104 |
| 1105 cache->numCertCacheEntries = (maxCertCacheEntries > 0) ? | 1105 cache->numCertCacheEntries = (maxCertCacheEntries > 0) ? |
| 1106 maxCertCacheEntries : 0; | 1106 maxCertCacheEntries : 0; |
| 1107 cache->numSrvNameCacheEntries = (maxSrvNameCacheEntries > 0) ? | 1107 cache->numSrvNameCacheEntries = (maxSrvNameCacheEntries >= 0) ? |
| 1108 maxSrvNameCacheEntries : 0; | 1108 maxSrvNameCacheEntries : DEF_NAME_C
ACHE_ENTRIES; |
| 1109 | 1109 |
| 1110 /* compute size of shared memory, and offsets of all pointers */ | 1110 /* compute size of shared memory, and offsets of all pointers */ |
| 1111 ptr = 0; | 1111 ptr = 0; |
| 1112 cache->cacheMem = (char *)ptr; | 1112 cache->cacheMem = (char *)ptr; |
| 1113 ptr += SID_ROUNDUP(sizeof(cacheDesc), SID_ALIGNMENT); | 1113 ptr += SID_ROUNDUP(sizeof(cacheDesc), SID_ALIGNMENT); |
| 1114 | 1114 |
| 1115 cache->sidCacheLocks = (sidCacheLock *)ptr; | 1115 cache->sidCacheLocks = (sidCacheLock *)ptr; |
| 1116 cache->keyCacheLock = cache->sidCacheLocks + cache->numSIDCacheLocks; | 1116 cache->keyCacheLock = cache->sidCacheLocks + cache->numSIDCacheLocks; |
| 1117 cache->certCacheLock = cache->keyCacheLock + 1; | 1117 cache->certCacheLock = cache->keyCacheLock + 1; |
| 1118 cache->srvNameCacheLock = cache->certCacheLock + 1; | 1118 cache->srvNameCacheLock = cache->certCacheLock + 1; |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1161 | 1161 |
| 1162 cache->ticketMacKey = (encKeyCacheEntry *)ptr; | 1162 cache->ticketMacKey = (encKeyCacheEntry *)ptr; |
| 1163 ptr = (ptrdiff_t)(cache->ticketMacKey + 1); | 1163 ptr = (ptrdiff_t)(cache->ticketMacKey + 1); |
| 1164 ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT); | 1164 ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT); |
| 1165 | 1165 |
| 1166 cache->ticketKeysValid = (PRUint32 *)ptr; | 1166 cache->ticketKeysValid = (PRUint32 *)ptr; |
| 1167 ptr = (ptrdiff_t)(cache->ticketKeysValid + 1); | 1167 ptr = (ptrdiff_t)(cache->ticketKeysValid + 1); |
| 1168 ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT); | 1168 ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT); |
| 1169 | 1169 |
| 1170 cache->srvNameCacheData = (srvNameCacheEntry *)ptr; | 1170 cache->srvNameCacheData = (srvNameCacheEntry *)ptr; |
| 1171 if (cache->numSrvNameCacheEntries < 0) { | |
| 1172 cache->numSrvNameCacheEntries = DEF_NAME_CACHE_ENTRIES; | |
| 1173 } | |
| 1174 cache->srvNameCacheSize = | 1171 cache->srvNameCacheSize = |
| 1175 cache->numSrvNameCacheEntries * sizeof(srvNameCacheEntry); | 1172 cache->numSrvNameCacheEntries * sizeof(srvNameCacheEntry); |
| 1176 ptr = (ptrdiff_t)(cache->srvNameCacheData + cache->numSrvNameCacheEntries); | 1173 ptr = (ptrdiff_t)(cache->srvNameCacheData + cache->numSrvNameCacheEntries); |
| 1177 ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT); | 1174 ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT); |
| 1178 | 1175 |
| 1179 cache->cacheMemSize = ptr; | 1176 cache->cacheMemSize = ptr; |
| 1180 | 1177 |
| 1181 if (ssl2_timeout) { | 1178 if (ssl2_timeout) { |
| 1182 if (ssl2_timeout > MAX_SSL2_TIMEOUT) { | 1179 if (ssl2_timeout > MAX_SSL2_TIMEOUT) { |
| 1183 ssl2_timeout = MAX_SSL2_TIMEOUT; | 1180 ssl2_timeout = MAX_SSL2_TIMEOUT; |
| (...skipping 972 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2156 } | 2153 } |
| 2157 | 2154 |
| 2158 SECStatus | 2155 SECStatus |
| 2159 SSL_SetMaxServerCacheLocks(PRUint32 maxLocks) | 2156 SSL_SetMaxServerCacheLocks(PRUint32 maxLocks) |
| 2160 { | 2157 { |
| 2161 PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_SetMaxServe
rCacheLocks)"); | 2158 PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_SetMaxServe
rCacheLocks)"); |
| 2162 return SECFailure; | 2159 return SECFailure; |
| 2163 } | 2160 } |
| 2164 | 2161 |
| 2165 #endif /* XP_UNIX || XP_WIN32 */ | 2162 #endif /* XP_UNIX || XP_WIN32 */ |
| OLD | NEW |