Bug 8122 - SSLMutex option settings not honoured
Summary: SSLMutex option settings not honoured
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_ssl (show other bugs)
Version: 2.0.35
Hardware: Other other
: P3 normal (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
Depends on:
Reported: 2002-04-15 19:27 UTC by Martin Kutschker
Modified: 2004-11-16 19:05 UTC (History)
0 users

new config behaviour (7.99 KB, patch)
2002-05-06 16:55 UTC, Martin Kutschker
Details | Diff
Remove debug output in ssl_engine_config.c else same as the previous which is btw a proposed fix. (7.91 KB, patch)
2002-05-07 09:55 UTC, Martin Kutschker
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Martin Kutschker 2002-04-15 19:27:29 UTC
With the SSLMutex option the user could (in 1.3.x) ask for file based or
semaphore based locking. Now mod_ssl asks apr for the default mechanism. Which
is not a bad thing, but the option values should reflect what is provided.

I suggest using the same options as for the AcceptMutex option or using a
backward compatible style:

sem = sysvsem
file: = flock | fcntl (whatever is preferred on the platform)
Comment 1 Martin Kutschker 2002-05-06 16:55:10 UTC
Created attachment 1794 [details]
new config behaviour
Comment 2 Martin Kutschker 2002-05-06 17:01:43 UTC
The patch changes the SSLMutex command and offers these options:

default | yes
none | no
sem = sysvsem | posixsem
file: = fcntl | flock

The meaning of "yes" changes to "default", "sem" will use either Sys V or Posix
semaphores (the former are preferred) and file will use either Fcntl or Flock
(preferring Fcntl).

The command remains (reasonably) backward compatible and is now in sync with the
AcceptMutex command.
Comment 3 Martin Kutschker 2002-05-07 09:55:27 UTC
Created attachment 1801 [details]
Remove debug output in ssl_engine_config.c else same as the previous which is btw a proposed fix.
Comment 4 Joshua Slive 2002-10-17 02:34:36 UTC
[This is a mass bug update.]
This bug reports a problem in an older version of Apache 2.
Could you please update to the most recent version and see
if you can reproduce this problem.  If the bug still exists,
please update the bug with the latest version number.  If 
the bug no longer exists, please close the bug report.

Sorry for this impersonal response, but we get many more bug
reports than our volunteers can keep up with.
Thanks for using Apache!
Comment 5 Joshua Slive 2002-11-02 20:18:16 UTC
[This is a mass bug update.] [Resolve-20021102]
No response from submitter; assuming issue is resolved.
If the problem still exists in the lastest version,
please reopen this report and update appropriately.
Comment 6 William A. Rowe Jr. 2002-11-04 13:14:46 UTC
  This is a behavior change.  I don't see where we have considered this
  patch yet, so reopening the report.  Thanks for keeping up with the stale
  reports, Joshua!
Comment 7 Jim Jagielski 2003-02-04 23:01:01 UTC
S'funny. I didn't even see this (old) "bug" and had just send email to dev@ proposing the 
same sort of thing.

I'm a very big +1 on this.
Comment 8 Madhusudan Mathihalli 2003-03-15 15:13:10 UTC
Can you please verify the options available now in the latest source base (HEAD 
includes Jim's patch), and close the PR if you think the problem is resolved.

Comment 9 Martin Kutschker 2003-03-15 18:26:49 UTC
Sounds ok looking at the code.

In ssl_engine_mutex.c it would have been nice to us verbose eror reporting in
ssl_mutex_init and friends. See below for the relevant code of my original patch
(it did help a lot while tracking bugs):

+    status = apr_global_mutex_create(&mc->pMutex, mc->szMutexFile,
mc->nMutexMech, p);
+    if (status != APR_SUCCESS) {
+        char buf[120];
+        apr_strerror(status, buf, sizeof(buf));
+        if (mc->szMutexFile)
+            ssl_log(s, SSL_LOG_ERROR,
+                       "Failed to create global mutex lock using file `%s': %s",
+                        mc->szMutexFile, buf);
+        else
+            ssl_log(s, SSL_LOG_ERROR,
+                       "Failed to create global mutex lock: %s", buf);
Comment 10 William A. Rowe Jr. 2003-03-24 20:38:31 UTC
  Ok, the patch is backported to 2.0.45 to honor the full range of SSLMutex
  flavors, mirroring the AcceptMutex core directive.
Comment 11 askme 2003-04-22 00:08:30 UTC
Please look at bug 19182, ssl.conf needs to be updated.