Welcome! Log In Create A New Profile

Advanced

[nginx] SSL: reduced logging of session cache failures (ticket #621).

Previous Message Next Message
Forum List Message List New Topic Print View
Sergey Kandaurov
October 13, 2022 06:58AM
details: https://hg.nginx.org/nginx/rev/38c71f9b2293
branches:
changeset: 8075:38c71f9b2293
user: Maxim Dounin <mdounin@mdounin.ru>
date: Wed Oct 12 20:14:36 2022 +0300
description:
SSL: reduced logging of session cache failures (ticket #621).

Session cache allocations might fail as long as the new session is different
in size from the one least recently used (and freed when the first allocation
fails). In particular, it might not be possible to allocate space for
sessions with client certificates, since they are noticeably bigger than
normal sessions.

To ensure such allocation failures won't clutter logs, logging level changed
to "warn", and logging is now limited to at most one warning per second.

diffstat:

src/event/ngx_event_openssl.c | 9 +++++++--
src/event/ngx_event_openssl.h | 1 +
2 files changed, 8 insertions(+), 2 deletions(-)

diffs (37 lines):

diff -r 026ee23b6774 -r 38c71f9b2293 src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c Wed Oct 12 20:14:34 2022 +0300
+++ b/src/event/ngx_event_openssl.c Wed Oct 12 20:14:36 2022 +0300
@@ -3770,6 +3770,8 @@ ngx_ssl_session_cache_init(ngx_shm_zone_

ngx_queue_init(&cache->expire_queue);

+ cache->fail_time = 0;
+
len = sizeof(" in SSL session shared cache \"\"") + shm_zone->shm.name.len;

shpool->log_ctx = ngx_slab_alloc(shpool, len);
@@ -3953,8 +3955,11 @@ failed:

ngx_shmtx_unlock(&shpool->mutex);

- ngx_log_error(NGX_LOG_ALERT, c->log, 0,
- "could not allocate new session%s", shpool->log_ctx);
+ if (cache->fail_time != ngx_time()) {
+ cache->fail_time = ngx_time();
+ ngx_log_error(NGX_LOG_WARN, c->log, 0,
+ "could not allocate new session%s", shpool->log_ctx);
+ }

return 0;
}
diff -r 026ee23b6774 -r 38c71f9b2293 src/event/ngx_event_openssl.h
--- a/src/event/ngx_event_openssl.h Wed Oct 12 20:14:34 2022 +0300
+++ b/src/event/ngx_event_openssl.h Wed Oct 12 20:14:36 2022 +0300
@@ -150,6 +150,7 @@ typedef struct {
ngx_rbtree_t session_rbtree;
ngx_rbtree_node_t sentinel;
ngx_queue_t expire_queue;
+ time_t fail_time;
} ngx_ssl_session_cache_t;


_______________________________________________
nginx-devel mailing list -- nginx-devel@nginx.org
To unsubscribe send an email to nginx-devel-leave@nginx.org
Reply Quote
RSS
Subject Author Views Posted

[nginx] SSL: reduced logging of session cache failures (ticket #621).

Sergey Kandaurov 286 October 13, 2022 06:58AM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 294
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready