You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by sp...@apache.org on 2022/06/06 08:30:48 UTC
[apisix] branch master updated: perf: reuse ctx in ssl phase (#7196)
This is an automated email from the ASF dual-hosted git repository.
spacewander pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git
The following commit(s) were added to refs/heads/master by this push:
new 46a96b1e8 perf: reuse ctx in ssl phase (#7196)
46a96b1e8 is described below
commit 46a96b1e88ac88d32ed5bf7fcf0c756016a2125c
Author: 罗泽轩 <sp...@gmail.com>
AuthorDate: Mon Jun 6 16:30:39 2022 +0800
perf: reuse ctx in ssl phase (#7196)
Signed-off-by: spacewander <sp...@gmail.com>
---
apisix/init.lua | 24 ++++++++++-----------
t/router/radixtree-sni2.t | 54 +++++++++++++++++++++++++++++++++++++++++++++++
t/stream-node/tls.t | 33 +++++++++++++++++++++++++++++
3 files changed, 99 insertions(+), 12 deletions(-)
diff --git a/apisix/init.lua b/apisix/init.lua
index 5e3f5da2d..d68e31ba5 100644
--- a/apisix/init.lua
+++ b/apisix/init.lua
@@ -157,14 +157,14 @@ end
function _M.http_ssl_phase()
local ngx_ctx = ngx.ctx
- local api_ctx = ngx_ctx.api_ctx
-
- if api_ctx == nil then
- api_ctx = core.tablepool.fetch("api_ctx", 0, 32)
- ngx_ctx.api_ctx = api_ctx
- end
+ local api_ctx = core.tablepool.fetch("api_ctx", 0, 32)
+ ngx_ctx.api_ctx = api_ctx
local ok, err = router.router_ssl.match_and_set(api_ctx)
+
+ core.tablepool.release("api_ctx", api_ctx)
+ ngx_ctx.api_ctx = nil
+
if not ok then
if err then
core.log.error("failed to fetch ssl config: ", err)
@@ -806,14 +806,14 @@ end
function _M.stream_ssl_phase()
local ngx_ctx = ngx.ctx
- local api_ctx = ngx_ctx.api_ctx
-
- if api_ctx == nil then
- api_ctx = core.tablepool.fetch("api_ctx", 0, 32)
- ngx_ctx.api_ctx = api_ctx
- end
+ local api_ctx = core.tablepool.fetch("api_ctx", 0, 32)
+ ngx_ctx.api_ctx = api_ctx
local ok, err = router.router_ssl.match_and_set(api_ctx)
+
+ core.tablepool.release("api_ctx", api_ctx)
+ ngx_ctx.api_ctx = nil
+
if not ok then
if err then
core.log.error("failed to fetch ssl config: ", err)
diff --git a/t/router/radixtree-sni2.t b/t/router/radixtree-sni2.t
index 6b6f1b233..83d1187dc 100644
--- a/t/router/radixtree-sni2.t
+++ b/t/router/radixtree-sni2.t
@@ -528,3 +528,57 @@ GET /t
[error]
--- response_body
ssl handshake: true
+
+
+
+=== TEST 14: ensure table is reused in TLS handshake
+--- config
+listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl;
+
+location /t {
+ content_by_lua_block {
+ do
+ local sock = ngx.socket.tcp()
+
+ sock:settimeout(2000)
+
+ local ok, err = sock:connect("unix:$TEST_NGINX_HTML_DIR/nginx.sock")
+ if not ok then
+ ngx.say("failed to connect: ", err)
+ return
+ end
+
+ local sess, err = sock:sslhandshake(nil, "TEST2.com", false)
+ if not sess then
+ ngx.say("failed to do SSL handshake: ", err)
+ return
+ end
+ ngx.say("ssl handshake: ", sess ~= nil)
+ end -- do
+ -- collectgarbage()
+ }
+}
+--- extra_init_by_lua
+ local tablepool = require("apisix.core").tablepool
+ local old_fetch = tablepool.fetch
+ tablepool.fetch = function(name, ...)
+ ngx.log(ngx.WARN, "fetch table ", name)
+ return old_fetch(name, ...)
+ end
+
+ local old_release = tablepool.release
+ tablepool.release = function(name, ...)
+ ngx.log(ngx.WARN, "release table ", name)
+ return old_release(name, ...)
+ end
+--- request
+GET /t
+--- no_error_log
+[error]
+--- response_body
+ssl handshake: true
+--- grep_error_log eval
+qr/(fetch|release) table \w+/
+--- grep_error_log_out
+fetch table api_ctx
+release table api_ctx
diff --git a/t/stream-node/tls.t b/t/stream-node/tls.t
index bd525d1a5..2f3016b55 100644
--- a/t/stream-node/tls.t
+++ b/t/stream-node/tls.t
@@ -104,3 +104,36 @@ failed to find any SSL certificate by SNI: xx.com
mmm
--- error_log
failed to find SNI
+
+
+
+=== TEST 5: ensure table is reused in TLS handshake
+--- stream_extra_init_by_lua
+ local tablepool = require("apisix.core").tablepool
+ local old_fetch = tablepool.fetch
+ tablepool.fetch = function(name, ...)
+ ngx.log(ngx.WARN, "fetch table ", name)
+ return old_fetch(name, ...)
+ end
+
+ local old_release = tablepool.release
+ tablepool.release = function(name, ...)
+ ngx.log(ngx.WARN, "release table ", name)
+ return old_release(name, ...)
+ end
+--- stream_tls_request
+mmm
+--- stream_sni: test.com
+--- response_body
+hello world
+--- grep_error_log eval
+qr/(fetch|release) table \w+/
+--- grep_error_log_out
+fetch table api_ctx
+release table api_ctx
+fetch table api_ctx
+fetch table ctx_var
+fetch table plugins
+release table ctx_var
+release table plugins
+release table api_ctx