You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by sp...@apache.org on 2022/06/06 08:30:48 UTC

[apisix] branch master updated: perf: reuse ctx in ssl phase (#7196)

This is an automated email from the ASF dual-hosted git repository.

spacewander pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git


The following commit(s) were added to refs/heads/master by this push:
     new 46a96b1e8 perf: reuse ctx in ssl phase (#7196)
46a96b1e8 is described below

commit 46a96b1e88ac88d32ed5bf7fcf0c756016a2125c
Author: 罗泽轩 <sp...@gmail.com>
AuthorDate: Mon Jun 6 16:30:39 2022 +0800

    perf: reuse ctx in ssl phase (#7196)
    
    Signed-off-by: spacewander <sp...@gmail.com>
---
 apisix/init.lua           | 24 ++++++++++-----------
 t/router/radixtree-sni2.t | 54 +++++++++++++++++++++++++++++++++++++++++++++++
 t/stream-node/tls.t       | 33 +++++++++++++++++++++++++++++
 3 files changed, 99 insertions(+), 12 deletions(-)

diff --git a/apisix/init.lua b/apisix/init.lua
index 5e3f5da2d..d68e31ba5 100644
--- a/apisix/init.lua
+++ b/apisix/init.lua
@@ -157,14 +157,14 @@ end
 
 function _M.http_ssl_phase()
     local ngx_ctx = ngx.ctx
-    local api_ctx = ngx_ctx.api_ctx
-
-    if api_ctx == nil then
-        api_ctx = core.tablepool.fetch("api_ctx", 0, 32)
-        ngx_ctx.api_ctx = api_ctx
-    end
+    local api_ctx = core.tablepool.fetch("api_ctx", 0, 32)
+    ngx_ctx.api_ctx = api_ctx
 
     local ok, err = router.router_ssl.match_and_set(api_ctx)
+
+    core.tablepool.release("api_ctx", api_ctx)
+    ngx_ctx.api_ctx = nil
+
     if not ok then
         if err then
             core.log.error("failed to fetch ssl config: ", err)
@@ -806,14 +806,14 @@ end
 
 function _M.stream_ssl_phase()
     local ngx_ctx = ngx.ctx
-    local api_ctx = ngx_ctx.api_ctx
-
-    if api_ctx == nil then
-        api_ctx = core.tablepool.fetch("api_ctx", 0, 32)
-        ngx_ctx.api_ctx = api_ctx
-    end
+    local api_ctx = core.tablepool.fetch("api_ctx", 0, 32)
+    ngx_ctx.api_ctx = api_ctx
 
     local ok, err = router.router_ssl.match_and_set(api_ctx)
+
+    core.tablepool.release("api_ctx", api_ctx)
+    ngx_ctx.api_ctx = nil
+
     if not ok then
         if err then
             core.log.error("failed to fetch ssl config: ", err)
diff --git a/t/router/radixtree-sni2.t b/t/router/radixtree-sni2.t
index 6b6f1b233..83d1187dc 100644
--- a/t/router/radixtree-sni2.t
+++ b/t/router/radixtree-sni2.t
@@ -528,3 +528,57 @@ GET /t
 [error]
 --- response_body
 ssl handshake: true
+
+
+
+=== TEST 14: ensure table is reused in TLS handshake
+--- config
+listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl;
+
+location /t {
+    content_by_lua_block {
+        do
+            local sock = ngx.socket.tcp()
+
+            sock:settimeout(2000)
+
+            local ok, err = sock:connect("unix:$TEST_NGINX_HTML_DIR/nginx.sock")
+            if not ok then
+                ngx.say("failed to connect: ", err)
+                return
+            end
+
+            local sess, err = sock:sslhandshake(nil, "TEST2.com", false)
+            if not sess then
+                ngx.say("failed to do SSL handshake: ", err)
+                return
+            end
+            ngx.say("ssl handshake: ", sess ~= nil)
+        end  -- do
+        -- collectgarbage()
+    }
+}
+--- extra_init_by_lua
+    local tablepool = require("apisix.core").tablepool
+    local old_fetch = tablepool.fetch
+    tablepool.fetch = function(name, ...)
+        ngx.log(ngx.WARN, "fetch table ", name)
+        return old_fetch(name, ...)
+    end
+
+    local old_release = tablepool.release
+    tablepool.release = function(name, ...)
+        ngx.log(ngx.WARN, "release table ", name)
+        return old_release(name, ...)
+    end
+--- request
+GET /t
+--- no_error_log
+[error]
+--- response_body
+ssl handshake: true
+--- grep_error_log eval
+qr/(fetch|release) table \w+/
+--- grep_error_log_out
+fetch table api_ctx
+release table api_ctx
diff --git a/t/stream-node/tls.t b/t/stream-node/tls.t
index bd525d1a5..2f3016b55 100644
--- a/t/stream-node/tls.t
+++ b/t/stream-node/tls.t
@@ -104,3 +104,36 @@ failed to find any SSL certificate by SNI: xx.com
 mmm
 --- error_log
 failed to find SNI
+
+
+
+=== TEST 5: ensure table is reused in TLS handshake
+--- stream_extra_init_by_lua
+    local tablepool = require("apisix.core").tablepool
+    local old_fetch = tablepool.fetch
+    tablepool.fetch = function(name, ...)
+        ngx.log(ngx.WARN, "fetch table ", name)
+        return old_fetch(name, ...)
+    end
+
+    local old_release = tablepool.release
+    tablepool.release = function(name, ...)
+        ngx.log(ngx.WARN, "release table ", name)
+        return old_release(name, ...)
+    end
+--- stream_tls_request
+mmm
+--- stream_sni: test.com
+--- response_body
+hello world
+--- grep_error_log eval
+qr/(fetch|release) table \w+/
+--- grep_error_log_out
+fetch table api_ctx
+release table api_ctx
+fetch table api_ctx
+fetch table ctx_var
+fetch table plugins
+release table ctx_var
+release table plugins
+release table api_ctx