git.ipfire.org Git - thirdparty/pdns.git/commit

author	Remi Gacogne <remi.gacogne@powerdns.com>
	Mon, 3 Mar 2025 10:57:54 +0000 (11:57 +0100)
committer	Remi Gacogne <remi.gacogne@powerdns.com>
	Wed, 2 Apr 2025 10:28:57 +0000 (12:28 +0200)
commit	d0cf129d3871c7d30b6bef4b4143b7af52d43355
tree	30367d1e12f75d1f426b5b0a8232346aa55ce463	tree
parent	9c613b27898943a6130c973d0ea0d5eba2394377	commit \| diff

dnsdist: Share tickets key between identical frontends created via YAML

Using the same Session Ticket Encryption Key on identical frontends
allow TLS sessions to be resumed in a much more efficient way, reducing
the latency and CPU usage. While it was already possible to do so by
manually managing the STEK, the default behaviour was to create and use
a different STEK for each frontend, because our Lua configuration makes
it almost impossible to ensure that two frontends are identical.
This is not an issue with the new YAML configuration format, so let's
share the STEK automatically in this case.

This needs a regression test.

pdns/dnsdistdist/dnsdist-carbon.cc		diff \| blob \| blame \| history
pdns/dnsdistdist/dnsdist-configuration-yaml.cc		diff \| blob \| blame \| history
pdns/dnsdistdist/dnsdist-doh-common.cc		diff \| blob \| blame \| history
pdns/dnsdistdist/dnsdist-doh-common.hh		diff \| blob \| blame \| history
pdns/dnsdistdist/dnsdist-lua-inspection.cc		diff \| blob \| blame \| history
pdns/dnsdistdist/dnsdist-lua.cc		diff \| blob \| blame \| history
pdns/dnsdistdist/dnsdist-tcp-upstream.hh		diff \| blob \| blame \| history
pdns/dnsdistdist/dnsdist-web.cc		diff \| blob \| blame \| history
pdns/dnsdistdist/dnsdist.hh		diff \| blob \| blame \| history
pdns/dnsdistdist/doh.cc		diff \| blob \| blame \| history
pdns/tcpiohandler.cc		diff \| blob \| blame \| history
pdns/tcpiohandler.hh		diff \| blob \| blame \| history