[nginx] svn commit: r5082 - trunk/src/event

[mdounin at mdounin.ru]

Author: mdounin
Date: 2013-02-23 11:54:25 +0000 (Sat, 23 Feb 2013)
New Revision: 5082
URL: http://trac.nginx.org/nginx/changeset/5082/nginx

Log:
SSL: retry "sess_id" and "id" allocations.

In case of fully populated SSL session cache with no memory left for
new allocations, ngx_ssl_new_session() will try to expire the oldest
non-expired session and retry, but only in case when slab allocation
fails for "cached_sess", not when slab allocation fails for either
"sess_id" or "id", which can happen for number of reasons and results
in new session not being cached.

Patch fixes this by adding retry logic to "sess_id" & "id" allocations.

Patch by Piotr Sikora.


Modified:
   trunk/src/event/ngx_event_openssl.c

Modified: trunk/src/event/ngx_event_openssl.c
===================================================================
--- trunk/src/event/ngx_event_openssl.c	2013-02-23 11:50:42 UTC (rev 5081)
+++ trunk/src/event/ngx_event_openssl.c	2013-02-23 11:54:25 UTC (rev 5082)
@@ -1842,8 +1842,18 @@
     }
 
     sess_id = ngx_slab_alloc_locked(shpool, sizeof(ngx_ssl_sess_id_t));
+
     if (sess_id == NULL) {
-        goto failed;
+
+        /* drop the oldest non-expired session and try once more */
+
+        ngx_ssl_expire_sessions(cache, shpool, 0);
+
+        sess_id = ngx_slab_alloc_locked(shpool, sizeof(ngx_ssl_sess_id_t));
+
+        if (sess_id == NULL) {
+            goto failed;
+        }
     }
 
 #if (NGX_PTR_SIZE == 8)
@@ -1853,8 +1863,18 @@
 #else
 
     id = ngx_slab_alloc_locked(shpool, sess->session_id_length);
+
     if (id == NULL) {
-        goto failed;
+
+        /* drop the oldest non-expired session and try once more */
+
+        ngx_ssl_expire_sessions(cache, shpool, 0);
+
+        id = ngx_slab_alloc_locked(shpool, sess->session_id_length);
+
+        if (id == NULL) {
+            goto failed;
+        }
     }
 
 #endif