aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src/ssl_manager.erl
diff options
context:
space:
mode:
authorErlang/OTP <[email protected]>2016-06-13 13:21:25 +0200
committerErlang/OTP <[email protected]>2016-06-13 13:21:25 +0200
commit2f9546b5c1eeacad9011f23ca4d03d6585d4280a (patch)
tree9d313d295e8919f0a354843971647b0cc46c355d /lib/ssl/src/ssl_manager.erl
parent4d78ea9baba6c66be4696bca2ca32a0ae1443e77 (diff)
parent3415d9274a456a2ba6e3e321b591c4d518c0e2c8 (diff)
downloadotp-2f9546b5c1eeacad9011f23ca4d03d6585d4280a.tar.gz
otp-2f9546b5c1eeacad9011f23ca4d03d6585d4280a.tar.bz2
otp-2f9546b5c1eeacad9011f23ca4d03d6585d4280a.zip
Merge branch 'ingela/maint/ssl/max-session-table/OTP-13490' into maint-18
* ingela/maint/ssl/max-session-table/OTP-13490: ssl: Mitigate load increase when the whole session table is invalidated
Diffstat (limited to 'lib/ssl/src/ssl_manager.erl')
-rw-r--r--lib/ssl/src/ssl_manager.erl11
1 files changed, 11 insertions, 0 deletions
diff --git a/lib/ssl/src/ssl_manager.erl b/lib/ssl/src/ssl_manager.erl
index 311dac4619..8ed29cc6b0 100644
--- a/lib/ssl/src/ssl_manager.erl
+++ b/lib/ssl/src/ssl_manager.erl
@@ -67,6 +67,7 @@
-define(CLEAN_SESSION_DB, 60000).
-define(CLEAN_CERT_DB, 500).
-define(DEFAULT_MAX_SESSION_CACHE, 1000).
+-define(LOAD_MITIGATION, 10).
%%====================================================================
%% API
@@ -196,10 +197,12 @@ register_session(Port, Session) ->
%%--------------------------------------------------------------------
-spec invalidate_session(host(), inet:port_number(), #session{}) -> ok.
invalidate_session(Host, Port, Session) ->
+ load_mitigation(),
cast({invalidate_session, Host, Port, Session}).
-spec invalidate_session(inet:port_number(), #session{}) -> ok.
invalidate_session(Port, Session) ->
+ load_mitigation(),
cast({invalidate_session, Port, Session}).
-spec invalidate_pem(File::binary()) -> ok.
@@ -719,3 +722,11 @@ invalidate_session_cache(undefined, CacheCb, Cache) ->
start_session_validator(Cache, CacheCb, {invalidate_before, erlang:monotonic_time()}, undefined);
invalidate_session_cache(Pid, _CacheCb, _Cache) ->
Pid.
+
+load_mitigation() ->
+ MSec = rand:uniform(?LOAD_MITIGATION),
+ receive
+ after
+ MSec ->
+ continue
+ end.