aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorIngela Anderton Andin <ingela@erlang.org>2016-06-03 17:00:17 +0200
committerIngela Anderton Andin <ingela@erlang.org>2016-06-03 17:00:17 +0200
commit240b5e21a3986479e37ef8fddc42bdbdaf71f02a (patch)
treec735c62525ac1796d76e13808fc5c17d3ac8d12f
parentd26c15e07229c90ba8353bd78d5406ada0f13271 (diff)
downloadotp-240b5e21a3986479e37ef8fddc42bdbdaf71f02a.tar.gz
otp-240b5e21a3986479e37ef8fddc42bdbdaf71f02a.tar.bz2
otp-240b5e21a3986479e37ef8fddc42bdbdaf71f02a.zip
ssl: Mitigate load increase when the whole session table is invalidated
-rw-r--r--lib/ssl/src/ssl_manager.erl11
1 files changed, 11 insertions, 0 deletions
diff --git a/lib/ssl/src/ssl_manager.erl b/lib/ssl/src/ssl_manager.erl
index 60b4fbe995..c7dcbaabe9 100644
--- a/lib/ssl/src/ssl_manager.erl
+++ b/lib/ssl/src/ssl_manager.erl
@@ -67,6 +67,7 @@
-define(CLEAN_SESSION_DB, 60000).
-define(CLEAN_CERT_DB, 500).
-define(DEFAULT_MAX_SESSION_CACHE, 1000).
+-define(LOAD_MITIGATION, 10).
%%====================================================================
%% API
@@ -196,10 +197,12 @@ register_session(Port, Session) ->
%%--------------------------------------------------------------------
-spec invalidate_session(host(), inet:port_number(), #session{}) -> ok.
invalidate_session(Host, Port, Session) ->
+ load_mitigation(),
cast({invalidate_session, Host, Port, Session}).
-spec invalidate_session(inet:port_number(), #session{}) -> ok.
invalidate_session(Port, Session) ->
+ load_mitigation(),
cast({invalidate_session, Port, Session}).
-spec invalidate_pem(File::binary()) -> ok.
@@ -719,3 +722,11 @@ invalidate_session_cache(undefined, CacheCb, Cache) ->
start_session_validator(Cache, CacheCb, {invalidate_before, erlang:monotonic_time()}, undefined);
invalidate_session_cache(Pid, _CacheCb, _Cache) ->
Pid.
+
+load_mitigation() ->
+ MSec = rand:uniform(?LOAD_MITIGATION),
+ receive
+ after
+ MSec ->
+ continue
+ end.