You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by bn...@apache.org on 2020/11/20 22:31:37 UTC
[trafficserver] branch master updated: TLS Session Reuse: Downgrade
add_session messages to debug (#7345)
This is an automated email from the ASF dual-hosted git repository.
bneradt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 01bd0f8 TLS Session Reuse: Downgrade add_session messages to debug (#7345)
01bd0f8 is described below
commit 01bd0f8fbb29b50d26f69d33fb3c936dd27a2a44
Author: Brian Neradt <br...@gmail.com>
AuthorDate: Fri Nov 20 16:31:18 2020 -0600
TLS Session Reuse: Downgrade add_session messages to debug (#7345)
In production it was observed that the messages in
session_process.cc:add_session are particularly noisy without adding
much value in general production settings. Talking with Fei Deng, we
decided to downgrade these to TSDebug.
---
plugins/experimental/ssl_session_reuse/src/session_process.cc | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/plugins/experimental/ssl_session_reuse/src/session_process.cc b/plugins/experimental/ssl_session_reuse/src/session_process.cc
index a40b33c..d1cac79 100644
--- a/plugins/experimental/ssl_session_reuse/src/session_process.cc
+++ b/plugins/experimental/ssl_session_reuse/src/session_process.cc
@@ -182,13 +182,13 @@ add_session(char *session_id, int session_id_len, const std::string &encrypted_s
int32_t session_data_len = SSL_SESSION_MAX_DER;
int ret = decrypt_session(encrypted_session, (unsigned char *)get_key_ptr(), get_key_length(), session_data, session_data_len);
if (ret < 0) {
- TSError("Failed to decrypt session %.*s, error: %d", session_id_len, hex_str(session).c_str(), ret);
+ TSDebug(PLUGIN, "Failed to decrypt session %.*s, error: %d", session_id_len, hex_str(session).c_str(), ret);
return ret;
}
const unsigned char *loc = reinterpret_cast<const unsigned char *>(session_data);
SSL_SESSION *sess = d2i_SSL_SESSION(nullptr, &loc, session_data_len);
if (nullptr == sess) {
- TSError("Failed to transform session buffer %.*s", session_id_len, hex_str(session).c_str());
+ TSDebug(PLUGIN, "Failed to transform session buffer %.*s", session_id_len, hex_str(session).c_str());
return -1;
}
TSSslSessionID sid;