> On 26 Aug 2022, at 07:01, Maxim Dounin <mdounin@mdounin.ru> wrote:
>
> # HG changeset patch
> # User Maxim Dounin <mdounin@mdounin.ru>
> # Date 1661481947 -10800
> # Fri Aug 26 05:45:47 2022 +0300
> # Node ID 5b137f110e84af974ef2b9efcf35bec2d883c187
> # Parent 2cd8fbeb4edc5a99b725585edc02a16a8a0c503e
> SSL: reduced logging of session cache failures (ticket #621).
>
> Session cache allocations might fail as long as the new session is different
> in size from the one least recently used (and freed when the first allocation
> fails). In particular, it might not be possible to allocate space for
> sessions with client certificates, since they are noticeably bigger than
> normal sessions.
>
> To ensure such allocation failures won't clutter logs, logging level changed
> to "warn", and logging is now limited to at most one warning per second.
>
> diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
> --- a/src/event/ngx_event_openssl.c
> +++ b/src/event/ngx_event_openssl.c
> @@ -3949,8 +3949,11 @@ failed:
>
> ngx_shmtx_unlock(&shpool->mutex);
>
> - ngx_log_error(NGX_LOG_ALERT, c->log, 0,
> - "could not allocate new session%s", shpool->log_ctx);
> + if (cache->fail_time != ngx_time()) {
> + cache->fail_time = ngx_time();
> + ngx_log_error(NGX_LOG_WARN, c->log, 0,
> + "could not allocate new session%s", shpool->log_ctx);
> + }
>
This makes three ngx_time() calls in this function in total.
A good reason to cache value in a local variable.
> return 0;
> }
> diff --git a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h
> --- a/src/event/ngx_event_openssl.h
> +++ b/src/event/ngx_event_openssl.h
> @@ -150,6 +150,7 @@ typedef struct {
> ngx_rbtree_t session_rbtree;
> ngx_rbtree_node_t sentinel;
> ngx_queue_t expire_queue;
> + time_t fail_time;
> } ngx_ssl_session_cache_t;
>
Missed initialization to something sensible (zero?).
--
Sergey Kandaurov
_______________________________________________
nginx-devel mailing list -- nginx-devel@nginx.org
To unsubscribe send an email to nginx-devel-leave@nginx.org