You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@trafficserver.apache.org by François <fr...@gmail.com> on 2015/06/11 23:06:13 UTC
API change for TS-3683: provide a SSL setter for Session/Ticket Cache Hit
- JIRA ticket: TS-3683 ( https://issues.apache.org/jira/browse/TS-3683 )
- While metrics/statistics provide an aggregated result, we want to improve
our
analysis on a per-request basis, possibly running map reduce tasks to
precisely
correlates this cache hit/reuse to other numbers. In our usage,
SSL Session/Ticket Cache is implemented in a plugin, and while we
provide the patch to allow core to implement that cache/hit internally, we
need the API change for our version to work.
- An additional function would be added to ts.h:
tsapi void TSNetVConnSSLCachedHitSet(TSVConn vc, bool state);
it will also require to #include <stdbool.h> in lib/ts/apidefs.h.in
- TSVConn vc: represents the SSLNetVConnection we want to access.
- bool state: true to indicate that SSL connection was retrieved from
session
cache or a SSL ticket was positively verified.
API change is included into the following pull request:
https://github.com/apache/trafficserver/pull/218/files
Thanks,
- Francois
Re: API change for TS-3683: provide a SSL setter for Session/Ticket Cache Hit
Posted by James Peach <jp...@apache.org>.
> On Jun 11, 2015, at 2:06 PM, François <fr...@gmail.com> wrote:
>
> - JIRA ticket: TS-3683 ( https://issues.apache.org/jira/browse/TS-3683 )
>
> - While metrics/statistics provide an aggregated result, we want to improve
> our
> analysis on a per-request basis, possibly running map reduce tasks to
> precisely
> correlates this cache hit/reuse to other numbers. In our usage,
> SSL Session/Ticket Cache is implemented in a plugin, and while we
> provide the patch to allow core to implement that cache/hit internally, we
> need the API change for our version to work.
>
> - An additional function would be added to ts.h:
> tsapi void TSNetVConnSSLCachedHitSet(TSVConn vc, bool state);
>
> it will also require to #include <stdbool.h> in lib/ts/apidefs.h.in
I don't have a strong opinion on whether this API is needed, though I'm slightly inclined to think that a more general approach to logs tags might be warranted. The alternative of having APIs to set each piece of data that might be logged seems undesirable. There seems to be a cross-cutting issue with Susan's session cache proposal ... maybe there's a better solution that serves both needs?
C99 is not required for TSAPI clients, so this needs to use "int" in place of "bool".
> - TSVConn vc: represents the SSLNetVConnection we want to access.
>
> - bool state: true to indicate that SSL connection was retrieved from
> session
> cache or a SSL ticket was positively verified.
>
> API change is included into the following pull request:
> https://github.com/apache/trafficserver/pull/218/files
>
> Thanks,
>
> - Francois