gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

为了减少pinning, protocol error误判带来的影响,将service cache的淘汰方式改为FIFO,独立service_cache_expire_seconds参数,默认5分钟。

Browse Source
This commit is contained in:
zhengchao
2019-06-05 20:43:45 +08:00
parent 044d512184
commit d3afda0d4c
2 changed files with 15 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
platform/src/ssl_stream.cpp
View File

@@ -126,9 +126,13 @@ struct ssl_mgr
int ssl_min_version, ssl_max_version;
char ssl_session_context[8];
unsigned int cache_slots;
unsigned int sess_cache_slots;
unsigned int sess_expire_seconds;
unsigned int svc_cache_slots;
unsigned int svc_expire_seconds;
struct sess_cache * down_sess_cache;
struct sess_cache * up_sess_cache;
struct sess_ticket_box * down_stek_box;
@@ -656,15 +660,15 @@ struct ssl_mgr * ssl_manager_init(const char * ini_profile, const char * section
MESA_load_profile_uint_def(ini_profile, section, "no_mirror_client_cipher_suite",
&(mgr->no_mirror_client_cipher_suite), 0);
MESA_load_profile_uint_def(ini_profile, section, "session_cache_slots",
&(mgr->cache_slots), 4 * 1024 * 1024);
&(mgr->sess_cache_slots), 4 * 1024 * 1024);
MESA_load_profile_uint_def(ini_profile, section, "session_cache_expire_seconds",
&(mgr->sess_expire_seconds), 30 * 60);
if(!mgr->no_sesscache)
{
mgr->up_sess_cache = ssl_sess_cache_create(mgr->cache_slots, mgr->sess_expire_seconds, CONN_DIR_UPSTREAM);
mgr->down_sess_cache = ssl_sess_cache_create(mgr->cache_slots, mgr->sess_expire_seconds, CONN_DIR_DOWNSTREAM);
mgr->up_sess_cache = ssl_sess_cache_create(mgr->sess_cache_slots, mgr->sess_expire_seconds, CONN_DIR_UPSTREAM);
mgr->down_sess_cache = ssl_sess_cache_create(mgr->sess_cache_slots, mgr->sess_expire_seconds, CONN_DIR_DOWNSTREAM);
}
MESA_load_profile_uint_def(ini_profile, section, "stek_group_num", &stek_group_num, 1);
@@ -675,7 +679,12 @@ struct ssl_mgr * ssl_manager_init(const char * ini_profile, const char * section
mgr->down_stek_box = sess_ticket_box_create(ev_base_gc, stek_group_num, stek_rotation_time, logger);
}
mgr->svc_cache=ssl_service_cache_create(mgr->cache_slots, mgr->sess_expire_seconds);
MESA_load_profile_uint_def(ini_profile, section, "service_cache_slots",
&(mgr->svc_cache_slots), 4 * 1024 * 1024);
MESA_load_profile_uint_def(ini_profile, section, "service_cache_expire_seconds",
&(mgr->svc_expire_seconds), 5 * 60);
mgr->svc_cache=ssl_service_cache_create(mgr->svc_cache_slots, mgr->svc_expire_seconds);
mgr->key_keeper = key_keeper_init(ini_profile, "key_keeper", logger);
if (mgr->key_keeper == NULL)