From 35f61c404d434e00da0f502a073cd3a0201fa504 Mon Sep 17 00:00:00 2001 From: Alejandro Alvarez Ayllon Date: Thu, 17 Nov 2011 23:34:38 +0100 Subject: [PATCH] SSL session share: move the age counter to the share object Previously the age counter would be counted individually in each easy handle that shared SSL sessions! --- lib/share.c | 1 + lib/share.h | 1 + lib/sslgen.c | 21 ++++++++++++++++----- 3 files changed, 18 insertions(+), 5 deletions(-) diff --git a/lib/share.c b/lib/share.c index 71c2ef308..a89e15e3d 100644 --- a/lib/share.c +++ b/lib/share.c @@ -91,6 +91,7 @@ curl_share_setopt(CURLSH *sh, CURLSHoption option, ...) share->nsslsession = 8; share->sslsession = calloc(share->nsslsession, sizeof(struct curl_ssl_session)); + share->sessionage = 0; if(!share->sslsession) return CURLSHE_NOMEM; } diff --git a/lib/share.h b/lib/share.h index c9546567d..3148ed00b 100644 --- a/lib/share.h +++ b/lib/share.h @@ -52,6 +52,7 @@ struct Curl_share { struct curl_ssl_session *sslsession; unsigned int nsslsession; + long sessionage; }; CURLSHcode Curl_share_lock (struct SessionHandle *, curl_lock_data, diff --git a/lib/sslgen.c b/lib/sslgen.c index 3b7340244..262ce42c4 100644 --- a/lib/sslgen.c +++ b/lib/sslgen.c @@ -232,14 +232,19 @@ int Curl_ssl_getsessionid(struct connectdata *conn, struct curl_ssl_session *check; struct SessionHandle *data = conn->data; long i; + long *general_age; if(!conn->ssl_config.sessionid) /* session ID re-use is disabled */ return TRUE; /* Lock for reading if shared */ - if(data->share && data->share->sslsession == data->state.session) + if(data->share && data->share->sslsession == data->state.session) { Curl_share_lock(data, CURL_LOCK_DATA_SSL_SESSION, CURL_LOCK_ACCESS_SHARED); + general_age = &data->share->sessionage; + } + else + general_age = &data->state.sessionage; for(i=0; i< data->set.ssl.numsessions; i++) { check = &data->state.session[i]; @@ -250,8 +255,8 @@ int Curl_ssl_getsessionid(struct connectdata *conn, (conn->remote_port == check->remote_port) && Curl_ssl_config_matches(&conn->ssl_config, &check->ssl_config)) { /* yes, we have a session ID! */ - data->state.sessionage++; /* increase general age */ - check->age = data->state.sessionage; /* set this as used in this age */ + *general_age++; /* increase general age */ + check->age = *general_age; /* set this as used in this age */ *ssl_sessionid = check->sessionid; if(idsize) *idsize = check->idsize; @@ -333,6 +338,7 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn, struct curl_ssl_session *store = &data->state.session[0]; long oldest_age=data->state.session[0].age; /* zero if unused */ char *clone_host; + long *general_age; /* Even though session ID re-use might be disabled, that only disables USING IT. We still store it here in case the re-using is again enabled for an @@ -346,8 +352,13 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn, the oldest if necessary) */ /* If using shared SSL session, lock! */ - if(data->share && data->share->sslsession == data->state.session) + if(data->share && data->share->sslsession == data->state.session) { Curl_share_lock(data, CURL_LOCK_DATA_SSL_SESSION, CURL_LOCK_ACCESS_SINGLE); + general_age = &data->share->sessionage; + } + else { + general_age = &data->state.sessionage; + } /* find an empty slot for us, or find the oldest */ for(i=1; (iset.ssl.numsessions) && @@ -366,7 +377,7 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn, /* now init the session struct wisely */ store->sessionid = ssl_sessionid; store->idsize = idsize; - store->age = data->state.sessionage; /* set current age */ + store->age = *general_age; /* set current age */ if(store->name) /* free it if there's one already present */ free(store->name);