SSL session cache lifetime vs session ticket lifetime
Maxim Dounin
mdounin at mdounin.ru
Thu Mar 27 16:23:15 UTC 2014
Hello!
On Wed, Mar 26, 2014 at 01:34:19PM +0400, kyprizel wrote:
> will be "log_alloc_failures" better?
I think something like "log_nomem" will be good enough.
Patch:
# HG changeset patch
# User Maxim Dounin <mdounin at mdounin.ru>
# Date 1395937285 -14400
# Thu Mar 27 20:21:25 2014 +0400
# Node ID 2cc8b9fc7efbf6a98ce29f3f860782a1ebd7e6cf
# Parent 734f0babfc133c2dc532f2794deadcf9d90245f7
Core: slab log_nomem flag.
The flag allows to suppress "ngx_slab_alloc() failed: no memory" messages
from a slab allocator, e.g., if an LRU expiration is used by a consumer
and allocation failures aren't fatal.
The flag is now set in the SSL session cache code, and in the limit_req
module.
diff --git a/src/core/ngx_slab.c b/src/core/ngx_slab.c
--- a/src/core/ngx_slab.c
+++ b/src/core/ngx_slab.c
@@ -129,6 +129,7 @@ ngx_slab_init(ngx_slab_pool_t *pool)
pool->pages->slab = pages;
}
+ pool->log_nomem = 1;
pool->log_ctx = &pool->zero;
pool->zero = '\0';
}
@@ -658,7 +659,10 @@ ngx_slab_alloc_pages(ngx_slab_pool_t *po
}
}
- ngx_slab_error(pool, NGX_LOG_CRIT, "ngx_slab_alloc() failed: no memory");
+ if (pool->log_nomem) {
+ ngx_slab_error(pool, NGX_LOG_CRIT,
+ "ngx_slab_alloc() failed: no memory");
+ }
return NULL;
}
diff --git a/src/core/ngx_slab.h b/src/core/ngx_slab.h
--- a/src/core/ngx_slab.h
+++ b/src/core/ngx_slab.h
@@ -39,6 +39,8 @@ typedef struct {
u_char *log_ctx;
u_char zero;
+ unsigned log_nomem:1;
+
void *data;
void *addr;
} ngx_slab_pool_t;
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -1834,6 +1834,8 @@ ngx_ssl_session_cache_init(ngx_shm_zone_
ngx_sprintf(shpool->log_ctx, " in SSL session shared cache \"%V\"%Z",
&shm_zone->shm.name);
+ shpool->log_nomem = 0;
+
return NGX_OK;
}
@@ -1986,7 +1988,7 @@ failed:
ngx_shmtx_unlock(&shpool->mutex);
ngx_log_error(NGX_LOG_ALERT, c->log, 0,
- "could not add new SSL session to the session cache");
+ "could not allocate new session%s", shpool->log_ctx);
return 0;
}
diff --git a/src/http/modules/ngx_http_limit_req_module.c b/src/http/modules/ngx_http_limit_req_module.c
--- a/src/http/modules/ngx_http_limit_req_module.c
+++ b/src/http/modules/ngx_http_limit_req_module.c
@@ -451,6 +451,8 @@ ngx_http_limit_req_lookup(ngx_http_limit
node = ngx_slab_alloc_locked(ctx->shpool, size);
if (node == NULL) {
+ ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, 0,
+ "could not allocate node%s", ctx->shpool->log_ctx);
return NGX_ERROR;
}
}
@@ -674,6 +676,8 @@ ngx_http_limit_req_init_zone(ngx_shm_zon
ngx_sprintf(ctx->shpool->log_ctx, " in limit_req zone \"%V\"%Z",
&shm_zone->shm.name);
+ ctx->shpool->log_nomem = 0;
+
return NGX_OK;
}
--
Maxim Dounin
http://nginx.org/
More information about the nginx
mailing list