dnsdist: Make the TLS session cache for outgoing connections tunable
authorRemi Gacogne <remi.gacogne@powerdns.com>
Tue, 8 Jun 2021 13:40:11 +0000 (15:40 +0200)
committerRemi Gacogne <remi.gacogne@powerdns.com>
Thu, 26 Aug 2021 14:30:27 +0000 (16:30 +0200)
pdns/dnsdist-lua.cc
pdns/dnsdistdist/dnsdist-session-cache.cc
pdns/dnsdistdist/dnsdist-session-cache.hh

index 989d6bab28aa804acc60d8ddf8f9affe0535b6f9..69663e5191b8cf3566e2b7273c35774e4c7c4701 100644 (file)
@@ -43,6 +43,7 @@
 #include "dnsdist-proxy-protocol.hh"
 #include "dnsdist-rings.hh"
 #include "dnsdist-secpoll.hh"
+#include "dnsdist-session-cache.hh"
 #include "dnsdist-tcp-downstream.hh"
 #include "dnsdist-web.hh"
 
@@ -1238,6 +1239,30 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
     setMaxCachedTCPConnectionsPerDownstream(max);
     });
 
+  luaCtx.writeFunction("setOutgoingTLSSessionsCacheMaxTicketsPerBackend", [](uint16_t max) {
+    if (g_configurationDone) {
+      g_outputBuffer = "setOutgoingTLSSessionsCacheMaxTicketsPerBackend() cannot be called at runtime!\n";
+      return;
+    }
+    TLSSessionCache::setMaxTicketsPerBackend(max);
+  });
+
+  luaCtx.writeFunction("setOutgoingTLSSessionsCacheCleanupDelay", [](time_t delay) {
+    if (g_configurationDone) {
+      g_outputBuffer = "setOutgoingTLSSessionsCacheCleanupDelay() cannot be called at runtime!\n";
+      return;
+    }
+    TLSSessionCache::setCleanupDelay(delay);
+  });
+
+  luaCtx.writeFunction("setOutgoingTLSSessionsCacheMaxTicketValidity", [](time_t validity) {
+    if (g_configurationDone) {
+      g_outputBuffer = "setOutgoingTLSSessionsCacheMaxTicketValidity() cannot be called at runtime!\n";
+      return;
+    }
+    TLSSessionCache::setSessionValidity(validity);
+  });
+
   luaCtx.writeFunction("setCacheCleaningDelay", [](uint32_t delay) { g_cacheCleaningDelay = delay; });
 
   luaCtx.writeFunction("setCacheCleaningPercentage", [](uint16_t percentage) { if (percentage < 100) g_cacheCleaningPercentage = percentage; else g_cacheCleaningPercentage = 100; });
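Review bot: `setOutgoingTLSSessionsCacheMaxTicketsPerBackend` accepts 0, and with `s_maxSessionsPerBackend == 0` the test `entry.d_sessions.size() >= s_maxSessionsPerBackend` in the dnsdist-session-cache.cc hunk is always true, so `putSession` calls `pop_back()` on a freshly created, empty entry before `push_front` — undefined behaviour on any standard container. Rejecting it at the binding keeps the cache invariant intact: `if (max == 0) { g_outputBuffer = "setOutgoingTLSSessionsCacheMaxTicketsPerBackend() requires a value greater than 0!\n"; return; }` (or, equivalently, an early return in `putSession` when the limit is 0, which would also cover a future caller of the setter). The two `time_t` setters likewise take any value, including negative ones; I cannot see `cleanup`/`getSession` here, so the effect of a negative delay or validity is unclear, but a `<= 0` rejection in the same style would be cheap. These lambdas sit inside `setupLuaConfig`, whose body starts and ends outside the hunk.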
index be67c925d600d3f22b6e4d285e32cedb7554d8d6..67de19536048c05a3bb5525dfcd7a096dfc058a1 100644 (file)
@@ -23,8 +23,9 @@
 
 TLSSessionCache g_sessionCache;
 
-time_t const TLSSessionCache::s_cleanupDelay{60};
-time_t const TLSSessionCache::s_sessionValidity{600};
+time_t TLSSessionCache::s_cleanupDelay{60};
+time_t TLSSessionCache::s_sessionValidity{600};
+uint16_t TLSSessionCache::s_maxSessionsPerBackend{20};
 
 void TLSSessionCache::cleanup(time_t now, const std::lock_guard<std::mutex>& lock)
 {
@@ -50,7 +51,7 @@ void TLSSessionCache::putSession(const boost::uuids::uuid& backendID, time_t now
   }
 
   auto& entry = d_sessions[backendID];
-  if (entry.d_sessions.size() >= d_maxSessionsPerBackend) {
+  if (entry.d_sessions.size() >= s_maxSessionsPerBackend) {
     entry.d_sessions.pop_back();
   }
   entry.d_sessions.push_front(std::move(session));
index 598c48338297c18727c43e4f0e320656d094dd3d..6cae14034bbba47b1bb254a4fc65ad03c8001c51 100644 (file)
@@ -38,9 +38,25 @@ public:
   void putSession(const boost::uuids::uuid& backendID, time_t now, std::unique_ptr<TLSSession>&& session);
   std::unique_ptr<TLSSession> getSession(const boost::uuids::uuid& backendID, time_t now);
 
+  static void setCleanupDelay(time_t delay)
+  {
+    s_cleanupDelay = delay;
+  }
+
+  static void setSessionValidity(time_t validity)
+  {
+    s_sessionValidity = validity;
+  }
+
+  static void setMaxTicketsPerBackend(uint16_t max)
+  {
+    s_maxSessionsPerBackend = max;
+  }
+
 private:
-  static time_t const s_cleanupDelay;
-  static time_t const s_sessionValidity;
+  static time_t s_cleanupDelay;
+  static time_t s_sessionValidity;
+  static uint16_t s_maxSessionsPerBackend;
 
   struct BackendEntry
   {
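Review bot: The three new static setters are plain, unsynchronized stores to statics that `putSession` (and presumably `cleanup`/`getSession`) read on worker threads, and nothing in the header records that they are only valid before those threads start; the sole guard is the `g_configurationDone` check in the Lua bindings, which a C++ caller would not see. A one-line comment above `setCleanupDelay` would make the contract explicit: `// Configuration-time only: plain stores to statics that the worker threads later read without locking.` The same applies to the definitions in the dnsdist-session-cache.cc hunk. The class body continues outside the hunk, so the `BackendEntry` definition is not visible here.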
@@ -52,7 +68,6 @@ private:
   // do we need to shard this?
   std::mutex d_lock;
   time_t d_nextCleanup{0};
-  uint16_t d_maxSessionsPerBackend{20};
 };
 
 extern TLSSessionCache g_sessionCache;