diff options
author | Jeff Trawick <trawick@apache.org> | 2009-11-24 22:22:15 +0100 |
---|---|---|
committer | Jeff Trawick <trawick@apache.org> | 2009-11-24 22:22:15 +0100 |
commit | 4f251a641dde85ef6743e95bfabb485072661a33 (patch) | |
tree | ca32b0f8c232c198e42a8355ef393ae2721ae576 /docs/manual/mod/mod_ssl.xml | |
parent | generated doc updates (diff) | |
download | apache2-4f251a641dde85ef6743e95bfabb485072661a33.tar.xz apache2-4f251a641dde85ef6743e95bfabb485072661a33.zip |
remove SSLMutex documentation
update the session cache description to indicate that the ssl cache mutex is used
to serialize access, and that the mutex can be configured using the Mutex directive
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@883880 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'docs/manual/mod/mod_ssl.xml')
-rw-r--r-- | docs/manual/mod/mod_ssl.xml | 86 |
1 files changed, 5 insertions, 81 deletions
diff --git a/docs/manual/mod/mod_ssl.xml b/docs/manual/mod/mod_ssl.xml index 617a894b34..fe2862750e 100644 --- a/docs/manual/mod/mod_ssl.xml +++ b/docs/manual/mod/mod_ssl.xml @@ -210,87 +210,6 @@ SSLPassPhraseDialog exec:/usr/local/apache/sbin/pp-filter </directivesynopsis> <directivesynopsis> -<name>SSLMutex</name> -<description>Semaphore for internal mutual exclusion of -operations</description> -<syntax>SSLMutex <em>type</em></syntax> -<default>SSLMutex none</default> -<contextlist><context>server config</context></contextlist> - -<usage> -<p> -This configures the SSL engine's semaphore (aka. lock) which is used for mutual -exclusion of operations which have to be done in a synchronized way between the -pre-forked Apache server processes. This directive can only be used in the -global server context because it's only useful to have one global mutex. -This directive is designed to closely match the -<directive module="mpm_common">AcceptMutex</directive> directive.</p> -<p> -The following Mutex <em>types</em> are available:</p> -<ul> -<li><code>none | no</code> - <p> - This is the default where no Mutex is used at all. Use it at your own - risk. But because currently the Mutex is mainly used for synchronizing - write access to the SSL Session Cache you can live without it as long - as you accept a sometimes garbled Session Cache. So it's not recommended - to leave this the default. Instead configure a real Mutex.</p></li> -<li><code>posixsem</code> - <p> - This is an elegant Mutex variant where a Posix Semaphore is used when possible. - It is only available when the underlying platform - and <glossary>APR</glossary> supports it.</p></li> -<li><code>sysvsem</code> - <p> - This is a somewhat elegant Mutex variant where a SystemV IPC Semaphore is used when - possible. It is possible to "leak" SysV semaphores if processes crash before - the semaphore is removed. It is only available when the underlying platform - and <glossary>APR</glossary> supports it.</p></li> -<li><code>sem</code> - <p> - This directive tells the SSL Module to pick the "best" semaphore implementation - available to it, choosing between Posix and SystemV IPC, in that order. It is only - available when the underlying platform and <glossary>APR</glossary> supports at least one of the 2.</p></li> -<li><code>pthread</code> - <p> - This directive tells the SSL Module to use Posix thread mutexes. It is only available - if the underlying platform and <glossary>APR</glossary> supports it.</p></li> -<li><code>fcntl:/path/to/mutex</code> - <p> - This is a portable Mutex variant where a physical (lock-)file and the <code>fcntl()</code> - function are used as the Mutex. - Always use a local disk filesystem for <code>/path/to/mutex</code> and never a file - residing on a NFS- or AFS-filesystem. It is only available when the underlying platform - and <glossary>APR</glossary> supports it. Note: Internally, the Process ID (PID) of the - Apache parent process is automatically appended to - <code>/path/to/mutex</code> to make it unique, so you don't have to worry - about conflicts yourself. Notice that this type of mutex is not available - under the Win32 environment. There you <em>have</em> to use the semaphore - mutex.</p></li> -<li><code>flock:/path/to/mutex</code> - <p> - This is similar to the <code>fcntl:/path/to/mutex</code> method with the - exception that the <code>flock()</code> function is used to provide file - locking. It is only available when the underlying platform - and <glossary>APR</glossary> supports it.</p></li> -<li><code>file:/path/to/mutex</code> - <p> - This directive tells the SSL Module to pick the "best" file locking implementation - available to it, choosing between <code>fcntl</code> and <code>flock</code>, - in that order. It is only available when the underlying platform and <glossary>APR</glossary> supports - at least one of the 2.</p></li> -<li><code>default | yes</code> - <p> - This directive tells the SSL Module to pick the default locking implementation - as determined by the platform and <glossary>APR</glossary>.</p></li> -</ul> -<example><title>Example</title> -SSLMutex file:/usr/local/apache/logs/ssl_mutex -</example> -</usage> -</directivesynopsis> - -<directivesynopsis> <name>SSLRandomSeed</name> <description>Pseudo Random Number Generator (PRNG) seeding source</description> @@ -446,10 +365,15 @@ The following four storage <em>type</em>s are currently supported:</p> address.</p></li> </ul> + <example><title>Examples</title> SSLSessionCache dbm:/usr/local/apache/logs/ssl_gcache_data<br /> SSLSessionCache shm:/usr/local/apache/logs/ssl_gcache_data(512000) </example> + +<p>The <code>ssl-cache</code> mutex is used to serialize access to +the session cache to prevent corruption. This mutex can be configured +using the <directive module="core">Mutex</directive> directive.</p> </usage> </directivesynopsis> |