/**
* Initialise the modsecurity engine. This function must be invoked
* after configuration processing is complete as Apache needs to know the
* username it is running as.
*/
int modsecurity_init(msc_engine *msce, apr_pool_t *mp)
{
apr_status_t rc;
/* auditlog互斥锁 */
rc = apr_global_mutex_create(&msce->auditlog_lock, NULL, APR_LOCK_DEFAULT, mp);
if (rc != APR_SUCCESS) {
return -1;
}
#ifdef __SET_MUTEX_PERMS
#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
rc = ap_unixd_set_global_mutex_perms(msce->auditlog_lock);
#else
rc = unixd_set_global_mutex_perms(msce->auditlog_lock);
#endif
if (rc != APR_SUCCESS) {
return -1;
}
#endif /* SET_MUTEX_PERMS */
/* geo互斥锁 */
rc = apr_global_mutex_create(&msce->geo_lock, NULL, APR_LOCK_DEFAULT, mp);
if (rc != APR_SUCCESS) {
return -1;
}
#ifdef __SET_MUTEX_PERMS
#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
rc = ap_unixd_set_global_mutex_perms(msce->geo_lock);
#else
rc = unixd_set_global_mutex_perms(msce->geo_lock);
#endif
if (rc != APR_SUCCESS) {
return -1;
}
#endif /* SET_MUTEX_PERMS */
#ifdef DEBUG_FILELOG
const char *file_name = ap_server_root_relative(mp, "logs/audit_log");
rc = apr_file_open(&auditlog_fd, file_name,
APR_WRITE | APR_APPEND | APR_CREATE | APR_BINARY, CREATEMODE, mp);
if (rc != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, "Create or open audit failed.");
return -1;
}
#endif
return 1;
}
/*
* initialized the shared memory block in the parent process
*/
int oidc_cache_shm_post_config(server_rec *s) {
oidc_cfg *cfg = (oidc_cfg *) ap_get_module_config(s->module_config,
&auth_openidc_module);
if (cfg->cache_cfg != NULL) return APR_SUCCESS;
oidc_cache_cfg_shm_t *context = oidc_cache_shm_cfg_create(s->process->pool);
cfg->cache_cfg = context;
/* create the shared memory segment */
apr_status_t rv = apr_shm_create(&context->shm,
sizeof(oidc_cache_shm_entry_t) * cfg->cache_shm_size_max,
NULL, s->process->pool);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
"oidc_cache_shm_post_config: apr_shm_create failed to create shared memory segment");
return HTTP_INTERNAL_SERVER_ERROR;
}
/* initialize the whole segment to '/0' */
int i;
oidc_cache_shm_entry_t *table = apr_shm_baseaddr_get(context->shm);
for (i = 0; i < cfg->cache_shm_size_max; i++) {
table[i].key[0] = '\0';
table[i].access = 0;
}
const char *dir;
apr_temp_dir_get(&dir, s->process->pool);
/* construct the mutex filename */
context->mutex_filename = apr_psprintf(s->process->pool,
"%s/httpd_mutex.%ld.%pp", dir, (long int) getpid(), s);
/* create the mutex lock */
rv = apr_global_mutex_create(&context->mutex,
(const char *) context->mutex_filename, APR_LOCK_DEFAULT,
s->process->pool);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
"oidc_cache_shm_post_config: apr_global_mutex_create failed to create mutex on file %s",
context->mutex_filename);
return HTTP_INTERNAL_SERVER_ERROR;
}
/* need this on Linux */
#ifdef AP_NEED_SET_MUTEX_PERMS
#if MODULE_MAGIC_NUMBER_MAJOR >= 20081201
rv = ap_unixd_set_global_mutex_perms(context->mutex);
#else
rv = unixd_set_global_mutex_perms(context->mutex);
#endif
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
"oidc_cache_shm_post_config: unixd_set_global_mutex_perms failed; could not set permissions ");
return HTTP_INTERNAL_SERVER_ERROR;
}
#endif
return OK;
}
/**
* Initialise the modsecurity engine. This function must be invoked
* after configuration processing is complete as Apache needs to know the
* username it is running as.
*/
int modsecurity_init(msc_engine *msce, apr_pool_t *mp) {
apr_status_t rc;
/* Serial audit log mutext */
rc = apr_global_mutex_create(&msce->auditlog_lock, NULL, APR_LOCK_DEFAULT, mp);
if (rc != APR_SUCCESS) {
//ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, "mod_security: Could not create modsec_auditlog_lock");
//return HTTP_INTERNAL_SERVER_ERROR;
return -1;
}
#if !defined(MSC_TEST)
#ifdef __SET_MUTEX_PERMS
#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
rc = ap_unixd_set_global_mutex_perms(msce->auditlog_lock);
#else
rc = unixd_set_global_mutex_perms(msce->auditlog_lock);
#endif
if (rc != APR_SUCCESS) {
// ap_log_error(APLOG_MARK, APLOG_ERR, rc, s, "mod_security: Could not set permissions on modsec_auditlog_lock; check User and Group directives");
// return HTTP_INTERNAL_SERVER_ERROR;
return -1;
}
#endif /* SET_MUTEX_PERMS */
rc = apr_global_mutex_create(&msce->geo_lock, NULL, APR_LOCK_DEFAULT, mp);
if (rc != APR_SUCCESS) {
return -1;
}
#ifdef __SET_MUTEX_PERMS
#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
rc = ap_unixd_set_global_mutex_perms(msce->geo_lock);
#else
rc = unixd_set_global_mutex_perms(msce->geo_lock);
#endif
if (rc != APR_SUCCESS) {
return -1;
}
#endif /* SET_MUTEX_PERMS */
#endif
return 1;
}
