diff options
author | Maxim Dounin <mdounin@mdounin.ru> | 2013-03-29 17:17:45 +0000 |
---|---|---|
committer | Maxim Dounin <mdounin@mdounin.ru> | 2013-03-29 17:17:45 +0000 |
commit | e4010d888ffb07e12da2bdfecd9284871be27e52 (patch) | |
tree | 6967e641f95268af7764666360d0ffbc16ff9bc8 | |
parent | 0e7eb773de932c4c6ab4d517e489d217b2fc0387 (diff) | |
download | nginx-e4010d888ffb07e12da2bdfecd9284871be27e52.tar.gz |
Merge of r5082: SSL: retry "sess_id" and "id" allocations.
SSL: retry "sess_id" and "id" allocations.
In case of fully populated SSL session cache with no memory left for
new allocations, ngx_ssl_new_session() will try to expire the oldest
non-expired session and retry, but only in case when slab allocation
fails for "cached_sess", not when slab allocation fails for either
"sess_id" or "id", which can happen for number of reasons and results
in new session not being cached.
Patch fixes this by adding retry logic to "sess_id" & "id" allocations.
Patch by Piotr Sikora.
-rw-r--r-- | src/event/ngx_event_openssl.c | 24 |
1 files changed, 22 insertions, 2 deletions
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c index d3663c4f5..5c88e4ad6 100644 --- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -1716,8 +1716,18 @@ ngx_ssl_new_session(ngx_ssl_conn_t *ssl_conn, ngx_ssl_session_t *sess) } sess_id = ngx_slab_alloc_locked(shpool, sizeof(ngx_ssl_sess_id_t)); + if (sess_id == NULL) { - goto failed; + + /* drop the oldest non-expired session and try once more */ + + ngx_ssl_expire_sessions(cache, shpool, 0); + + sess_id = ngx_slab_alloc_locked(shpool, sizeof(ngx_ssl_sess_id_t)); + + if (sess_id == NULL) { + goto failed; + } } #if (NGX_PTR_SIZE == 8) @@ -1727,8 +1737,18 @@ ngx_ssl_new_session(ngx_ssl_conn_t *ssl_conn, ngx_ssl_session_t *sess) #else id = ngx_slab_alloc_locked(shpool, sess->session_id_length); + if (id == NULL) { - goto failed; + + /* drop the oldest non-expired session and try once more */ + + ngx_ssl_expire_sessions(cache, shpool, 0); + + id = ngx_slab_alloc_locked(shpool, sess->session_id_length); + + if (id == NULL) { + goto failed; + } } #endif |