aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2016-06-07 14:36:44 +0200
committerIngela Anderton Andin <[email protected]>2016-06-07 14:36:44 +0200
commit93b2bca601894b09b914af6ffad8d8edfbe90e37 (patch)
treeb562dc413f1e6d2657ae60ce7b9aed8c2c18ce24
parent998df92f6b666cd7f626568ce5443e183f669153 (diff)
parent240b5e21a3986479e37ef8fddc42bdbdaf71f02a (diff)
downloadotp-93b2bca601894b09b914af6ffad8d8edfbe90e37.tar.gz
otp-93b2bca601894b09b914af6ffad8d8edfbe90e37.tar.bz2
otp-93b2bca601894b09b914af6ffad8d8edfbe90e37.zip
Merge branch 'ingela/ssl/max-session-table/OTP-13490'
* ingela/ssl/max-session-table/OTP-13490: ssl: Mitigate load increase when the whole session table is invalidated
-rw-r--r--lib/ssl/src/ssl_manager.erl11
1 files changed, 11 insertions, 0 deletions
diff --git a/lib/ssl/src/ssl_manager.erl b/lib/ssl/src/ssl_manager.erl
index 60b4fbe995..c7dcbaabe9 100644
--- a/lib/ssl/src/ssl_manager.erl
+++ b/lib/ssl/src/ssl_manager.erl
@@ -67,6 +67,7 @@
-define(CLEAN_SESSION_DB, 60000).
-define(CLEAN_CERT_DB, 500).
-define(DEFAULT_MAX_SESSION_CACHE, 1000).
+-define(LOAD_MITIGATION, 10).
%%====================================================================
%% API
@@ -196,10 +197,12 @@ register_session(Port, Session) ->
%%--------------------------------------------------------------------
-spec invalidate_session(host(), inet:port_number(), #session{}) -> ok.
invalidate_session(Host, Port, Session) ->
+ load_mitigation(),
cast({invalidate_session, Host, Port, Session}).
-spec invalidate_session(inet:port_number(), #session{}) -> ok.
invalidate_session(Port, Session) ->
+ load_mitigation(),
cast({invalidate_session, Port, Session}).
-spec invalidate_pem(File::binary()) -> ok.
@@ -719,3 +722,11 @@ invalidate_session_cache(undefined, CacheCb, Cache) ->
start_session_validator(Cache, CacheCb, {invalidate_before, erlang:monotonic_time()}, undefined);
invalidate_session_cache(Pid, _CacheCb, _Cache) ->
Pid.
+
+load_mitigation() ->
+ MSec = rand:uniform(?LOAD_MITIGATION),
+ receive
+ after
+ MSec ->
+ continue
+ end.