Forum List Message List New Topic Print View

Maxim Dounin

August 25, 2022 11:14PM

# HG changeset patch
# User Maxim Dounin <mdounin@mdounin.ru>
# Date 1661481947 -10800
# Fri Aug 26 05:45:47 2022 +0300
# Node ID 5b137f110e84af974ef2b9efcf35bec2d883c187
# Parent 2cd8fbeb4edc5a99b725585edc02a16a8a0c503e
SSL: reduced logging of session cache failures (ticket #621).

Session cache allocations might fail as long as the new session is different
in size from the one least recently used (and freed when the first allocation
fails). In particular, it might not be possible to allocate space for
sessions with client certificates, since they are noticeably bigger than
normal sessions.

To ensure such allocation failures won't clutter logs, logging level changed
to "warn", and logging is now limited to at most one warning per second.

diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -3949,8 +3949,11 @@ failed:

ngx_shmtx_unlock(&shpool->mutex);

- ngx_log_error(NGX_LOG_ALERT, c->log, 0,
- "could not allocate new session%s", shpool->log_ctx);
+ if (cache->fail_time != ngx_time()) {
+ cache->fail_time = ngx_time();
+ ngx_log_error(NGX_LOG_WARN, c->log, 0,
+ "could not allocate new session%s", shpool->log_ctx);
+ }

return 0;
}
diff --git a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h
--- a/src/event/ngx_event_openssl.h
+++ b/src/event/ngx_event_openssl.h
@@ -150,6 +150,7 @@ typedef struct {
ngx_rbtree_t session_rbtree;
ngx_rbtree_node_t sentinel;
ngx_queue_t expire_queue;
+ time_t fail_time;
} ngx_ssl_session_cache_t;

_______________________________________________
nginx-devel mailing list -- nginx-devel@nginx.org
To unsubscribe send an email to nginx-devel-leave@nginx.org

Reply Quote

RSS

Subject	Author	Views	Posted
[PATCH 02 of 11] SSL: reduced logging of session cache failures (ticket #621)	Maxim Dounin	553	August 25, 2022 11:14PM
Re: [PATCH 02 of 11] SSL: reduced logging of session cache failures (ticket #621)	Sergey Kandaurov	182	September 15, 2022 01:38AM
Re: [PATCH 02 of 11] SSL: reduced logging of session cache failures (ticket #621)	Maxim Dounin	168	September 16, 2022 05:04PM
Re: [PATCH 02 of 11] SSL: reduced logging of session cache failures (ticket #621)	Sergey Kandaurov	190	September 26, 2022 06:14AM

Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 114

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 500 on July 15, 2024

[PATCH 02 of 11] SSL: reduced logging of session cache failures (ticket #621)

Re: [PATCH 02 of 11] SSL: reduced logging of session cache failures (ticket #621)

Re: [PATCH 02 of 11] SSL: reduced logging of session cache failures (ticket #621)

Re: [PATCH 02 of 11] SSL: reduced logging of session cache failures (ticket #621)

Online Users