source: src/router/proftpd/doc/contrib/mod_tls_shmcache.html @ 17876

Last change on this file since 17876 was 17876, checked in by BrainSlayer, 20 months ago

update proftp
File size: 4.3 KB
Line 
1<!-- $Id: mod_tls_shmcache.html,v 1.2 2010/12/21 00:30:01 castaglia Exp $ -->
2<!-- $Source: /cvsroot/proftp/proftpd/doc/contrib/mod_tls_shmcache.html,v $ -->
3
4<html>
5<head>
6<title>ProFTPD module mod_tls_shmcache</title>
7</head>
8
9<body bgcolor=white>
10
11<hr>
12<center>
13<h2><b>ProFTPD module <code>mod_tls_shmcache</code></b></h2>
14</center>
15<hr>
16
17<p>
18The <code>mod_tls_shmcache</code> submodule is contained in the
19<code>mod_tls_shmcache.c</code> file, and is not compiled by default.
20Installation instructions are discussed <a href="#Installation">here</a>.
21
22<p>
23This submodule provides a SysV shared memory-based implementation of
24an external SSL session cache for use by the <code>mod_tls</code> module's
25<a href="mod_tls.html#TLSSessionCache"><code>TLSSessionCache</code></a>
26directive.
27
28<p>
29This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/).
30
31<p>
32This product includes cryptographic software written by Eric Young (eay@cryptsoft.com).
33
34<h2>Author</h2>
35<p>
36Please contact TJ Saunders &lt;tj <i>at</i> castaglia.org&gt; with any
37questions, concerns, or suggestions regarding this module.
38
39<p>
40The <code>mod_tls_shmcache</code> module supports the &quot;shm&quot; string
41for the <em>type</em> parameter of the
42<a href="mod_tls.html#TLSSessionCache"><code>TLSSessionCache</code></a>
43configuration directive.  The <em>info</em> parameter for
44<code>mod_tls_shmcache</code> must be formatted like:
45<pre>
46  /file=<i>/path/to/cache/file</i>[&amp;size=<i>bytes</i>]
47</pre>
48The configured path is used for synchronizing access to the shared memory
49segment among the various server processes.  The default shared memory
50segment size allocated is 1.5MB; use the optional <em>size</em> key to
51configure a different size, in bytes.  Note that the configured size
52<i>must</i> be able to hold at least one cached session; if a too-small size
53is configured, that size will be ignored and the default size will be used.
54
55<p>
56<b>Examples</b><br>
57
58<p>
59Use the default shared memory segment size and timeout:
60<pre>
61  &lt;IfModule mod_tls.c&gt;
62    ...
63
64    &lt;IfModule mod_tls_shmcache.c&gt;
65      TLSSessionCache shm:/file=/var/ftpd/sesscache
66    &lt;/IfModule&gt;
67  &lt;/IfModule&gt;
68</pre>
69
70<p>
71Use a larger shared memory segment size:
72<pre>
73  &lt;IfModule mod_tls.c&gt;
74    ...
75
76    &lt;IfModule mod_tls_shmcache.c&gt;
77      TLSSessionCache shm:/file=/var/ftpd/sesscache&amp;size=2097152
78    &lt;/IfModule&gt;
79  &lt;/IfModule&gt;
80</pre>
81
82<p>
83Use a smaller shared memory size, and a shorter timeout:
84<pre>
85  &lt;IfModule mod_tls.c&gt;
86    ...
87
88    &lt;IfModule mod_tls_shmcache.c&gt;
89      TLSSessionCache shm:/file=/var/ftpd/sesscache&amp;size=512000 600
90    &lt;/IfModule&gt;
91  &lt;/IfModule&gt;
92</pre>
93
94<p>
95<hr>
96<h2><a name="Installation">Installation</a></h2>
97The <code>mod_tls_shmcache</code> module is distributed with the ProFTPD
98source code.  Simply follow the normal steps for using third-party modules
99in proftpd, being sure to include the <code>mod_tls</code> module (on which
100<code>mod_tls_shmcache</code> depends):
101<pre>
102  ./configure --with-modules=mod_tls:mod_tls_shmcache
103  make
104  make install
105</pre>
106
107<p>
108Alternatively, if your proftpd was compiled with DSO support, you can
109use the <code>prxs</code> tool to build <code>mod_tls_shmcache</code> as
110a shared module:
111<pre>
112  prxs -c -i -d mod_tls_shmcache.c
113</pre>
114
115<p>
116<hr>
117<h2><a name="Usage">Usage</a></h2>
118
119<p><a name="FAQ">
120<b>Frequently Asked Questions</b><br>
121
122<p><a name="TLSShmcacheEmptyFile">
123<font color=red>Question</font>: I configured a <code>TLSSessionCache</code> file, but it is empty.  Is <code>mod_tls_shmcache</code> not working properly?<br>
124<font color=blue>Answer</font>: Yes, <code>mod_tls_shmcache</code> is working
125properly.  The actual cache of SSL/TLS session data is stored in shared memory,
126not on the filesystem.  Storing data in system shared memory requires a unique
127key; the <code>mod_tls_shmcache</code> uses the configured file to create
128this unique key.  The module also uses the configured
129<code>TLSSessionCache</code> file for locking, as when handling a
130<code>ftpdctl</code> request to clear the cache.
131
132<p>
133<hr>
134Author: <i>$Author: castaglia $</i><br>
135Last Updated: <i>$Date: 2010/12/21 00:30:01 $</i><br>
136
137<hr>
138<font size=2><b><i>
139&copy; Copyright 2009-2010 TJ Saunders<br>
140 All Rights Reserved<br>
141</i></b></font>
142
143<hr><br>
144
145</body>
146</html>
147
Note: See TracBrowser for help on using the repository browser.