Closed Bug 292156 Opened 16 years ago Closed 16 years ago
selfserv should allow more than 1024 SSL server session cache entries
selfserv should have a command-line option to configure the maximum number of entries in the session cache, rather than using a hard-coded value of 1024 .
QA Contact: bishakhabanerjee → jason.m.reid
Assignee: wtchang → julien.pierre.bugs
Status: NEW → ASSIGNED
Attachment #202595 - Flags: review?(nelson)
Comment on attachment 202595 [details] [diff] [review] add -C option >-#define NUM_SID_CACHE_ENTRIES 1024 >+int NUM_SID_CACHE_ENTRIES = 1024; I think our convention is that names consisting entirely of capital letters and underscores are reserved for use with #defines. I don't think we should violate that. So, this variable name should be changed to not look like a #define symbol. >+ case 'C': if (optstate->value) NUM_SID_CACHE_ENTRIES = PORT_Atoi(optstate->value); break; >+ Do we want to report an error if the option value is missing, or if it is negative?
Attachment #202595 - Flags: review?(nelson) → review-
Re: negative number of entries, unfortunately, libssl crashes with a SIGFPE if passed such a value. Here is a patch that fixes this problem .
Attachment #202605 - Flags: review?(nelson)
Bug that is filed about checking for the presence/absence of arguments for many tools, because that problem should be solved in a more generic way and is being tracked in bug 293687 . The sign problem is taken care of by the libssl patch.
I don't know what happened to my last comment. I meant I wasn't going to check for the missing argument in the selfserv patch because there is a bug for the overall issue.
Comment on attachment 202605 [details] [diff] [review] check for negative maxCacheEntries and other invalid args in session cache init r=nelson
Attachment #202605 - Flags: review?(nelson) → review+
Comment on attachment 202607 [details] [diff] [review] rename variable r=nelson
Attachment #202607 - Flags: review?(nelson) → review+
Thanks for the quick reviews, Nelson. I checked these patches in to the tip for 3.11 . Checking in selfserv.c; /cvsroot/mozilla/security/nss/cmd/selfserv/selfserv.c,v <-- selfserv.c new revision: 1.68; previous revision: 1.67 done Checking in sslsnce.c; /cvsroot/mozilla/security/nss/lib/ssl/sslsnce.c,v <-- sslsnce.c new revision: 1.36; previous revision: 1.35 done
Status: ASSIGNED → RESOLVED
Closed: 16 years ago
Priority: -- → P2
Resolution: --- → FIXED
Target Milestone: --- → 3.11
You need to log in before you can comment on or make changes to this bug.