From b9dcf285187eb0119662069b8c485a9298b324bb Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Fri, 10 Dec 2010 10:43:14 +0100 Subject: Cache invalidation and consistent user closing Added cache invalidation control of ssl certificates so that sessions will not be reused if file content is changed. There was a glitch in ssl:close that made it possible to to get eaddrinuse even though reuseadder-option was used. Also improved tests for better user-close handling. --- lib/ssl/src/ssl_manager.erl | 33 ++++++++++++++++++--------------- 1 file changed, 18 insertions(+), 15 deletions(-) (limited to 'lib/ssl/src/ssl_manager.erl') diff --git a/lib/ssl/src/ssl_manager.erl b/lib/ssl/src/ssl_manager.erl index dc613eec11..f845b1ecc0 100644 --- a/lib/ssl/src/ssl_manager.erl +++ b/lib/ssl/src/ssl_manager.erl @@ -35,7 +35,7 @@ invalidate_session/3]). % Spawn export --export([init_session_validator/1, recache_pem/4]). +-export([init_session_validator/1]). %% gen_server callbacks -export([init/1, handle_call/3, handle_cast/2, handle_info/2, @@ -229,8 +229,8 @@ handle_call({{cache_pem, File, LastWrite}, Pid}, _, end; handle_call({{recache_pem, File, LastWrite}, Pid}, From, #state{certificate_db = Db} = State) -> - ssl_certificate_db:uncache_pem_file(File, Pid, Db), - spawn_link(?MODULE, recache_pem, [File, Db, LastWrite, From]), + ssl_certificate_db:uncache_pem_file(File, Db), + cast({recache_pem, File, LastWrite, Pid, From}), {noreply, State}. %%-------------------------------------------------------------------- 
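Review bot: The `recache_pem` clause of `handle_call` now returns `{noreply, State}` and hands `From` to a cast, so the caller stays blocked until `handle_cast({recache_pem, ...})` calls `gen_server:reply/2`, and nothing in the clause says so. I would add a comment above the `cast(...)` line such as `%% Reply is deferred: handle_cast({recache_pem, ...}) answers From once the old file entry is gone`. The call also becomes `ssl_certificate_db:uncache_pem_file(File, Db)` without `Pid`; this page is limited to ssl_manager.erl, so confirm that the matching two-argument function in ssl_certificate_db lands in the same commit. Earlier clauses of `handle_call` lie outside the hunk.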
@@ -269,7 +269,21 @@ handle_cast({invalidate_session, Port, #session{session_id = ID}}, #state{session_cache = Cache, session_cache_cb = CacheCb} = State) -> CacheCb:delete(Cache, {Port, ID}), - {noreply, State}. + {noreply, State}; + +handle_cast({recache_pem, File, LastWrite, Pid, From}, + #state{certificate_db = [_, FileToRefDb, _]} = State0) -> + case ssl_certificate_db:lookup(File, FileToRefDb) of + undefined -> + {reply, Msg, State} = handle_call({{cache_pem, File, LastWrite}, Pid}, From, State0), + gen_server:reply(From, Msg), + {noreply, State}; + _ -> %% Send message to self letting cleanup messages be handled + %% first so that no reference to the old version of file + %% exists when we cache the new one. + cast({recache_pem, File, LastWrite, Pid, From}), + {noreply, State0} + end. %%-------------------------------------------------------------------- -spec handle_info(msg(), #state{}) -> {noreply, #state{}}. @@ -387,14 +401,3 @@ cache_pem_file(File, LastWrite) -> [] -> call({cache_pem, File, LastWrite}) end. - - -recache_pem(File, Db, LastWrite, From) -> - case ssl_certificate_db:ref_count(File, Db, 0) of - 0 -> - Result = call({cache_pem, File, LastWrite}), - gen_server:reply(From, Result); - _ -> - timer:sleep(1000), - recache_pem(File, Db, LastWrite, From) - end. -- cgit v1.2.3
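Review bot: In the `_ ->` branch of the new `handle_cast({recache_pem, ...})` clause the server re-casts the same message to itself with no delay and no retry limit. If the old entry for `File` is never removed from `FileToRefDb` (for example because a process holding a reference stays alive, which is not visible here), the manager spins on this message and the caller is never answered; the removed `recache_pem/4` at least slept a second between attempts in its own process, whereas this loop runs inside the gen_server that serves all other requests. I would bound it: carry an attempt counter in the message, schedule the retry with `erlang:send_after/3` (handled in `handle_info/2`) instead of an immediate `cast`, and reply with an error to `From` when the budget is used up. Separately, `{reply, Msg, State} = handle_call(...)` crashes the manager with `badmatch` if the `cache_pem` clause ever returns anything other than a `reply` tuple; its body is outside the hunk, so a short comment stating that assumption would help. The new clause is complete in the hunk, but the earlier `handle_cast` clauses start above it.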