ProFTPD module mod_tls_shmcache


The mod_tls_shmcache submodule is contained in the mod_tls_shmcache.c file, and is not compiled by default. Installation instructions are discussed here.

This submodule provides a SysV shared memory-based implementation of an external SSL session cache for use by the mod_tls module's TLSSessionCache directive.

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/).

This product includes cryptographic software written by Eric Young (eay@cryptsoft.com).

Author

Please contact TJ Saunders <tj at castaglia.org> with any questions, concerns, or suggestions regarding this module.

The mod_tls_shmcache module supports the "shm" string for the type parameter of the TLSSessionCache configuration directive. The info parameter for mod_tls_shmcache must be formatted like:

  /file=/path/to/cache/file[&size=bytes]
The configured path is used for synchronizing access to the shared memory segment among the various server processes. The default shared memory segment size allocated is 1.5MB; use the optional size key to configure a different size, in bytes. Note that the configured size must be able to hold at least one cached session; if a too-small size is configured, that size will be ignored and the default size will be used.

Examples

Use the default shared memory segment size and timeout:

  <IfModule mod_tls.c>
    ...

    <IfModule mod_tls_shmcache.c>
      TLSSessionCache shm:/file=/var/ftpd/sesscache
    </IfModule>
  </IfModule>

Use a larger shared memory segment size:

  <IfModule mod_tls.c>
    ...

    <IfModule mod_tls_shmcache.c>
      TLSSessionCache shm:/file=/var/ftpd/sesscache&size=2097152
    </IfModule>
  </IfModule>

Use a smaller shared memory size, and a shorter timeout:

  <IfModule mod_tls.c>
    ...

    <IfModule mod_tls_shmcache.c>
      TLSSessionCache shm:/file=/var/ftpd/sesscache&size=512000 600
    </IfModule>
  </IfModule>


Installation

The mod_tls_shmcache module is distributed with the ProFTPD source code. Simply follow the normal steps for using third-party modules in proftpd, being sure to include the mod_tls module (on which mod_tls_shmcache depends):
  ./configure --with-modules=mod_tls:mod_tls_shmcache
  make
  make install

Alternatively, if your proftpd was compiled with DSO support, you can use the prxs tool to build mod_tls_shmcache as a shared module:

  prxs -c -i -d mod_tls_shmcache.c


Author: $Author: castaglia $
Last Updated: $Date: 2009/03/10 07:00:22 $

© Copyright 2009 TJ Saunders
All Rights Reserved