You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by sh...@apache.org on 2015/07/08 14:25:39 UTC
[5/8] trafficserver git commit: Checkpoint commit
363a9044ab6421ef97dd3b07c1dd8b7016008d51
Checkpoint commit 363a9044ab6421ef97dd3b07c1dd8b7016008d51
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/71752c74
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/71752c74
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/71752c74
Branch: refs/heads/master
Commit: 71752c741ac8b49d432dd4b13f5ea2a7f176b37e
Parents: 065bf15
Author: shinrich <sh...@yahoo-inc.com>
Authored: Wed Jul 8 07:01:16 2015 -0500
Committer: shinrich <sh...@yahoo-inc.com>
Committed: Wed Jul 8 07:01:16 2015 -0500
----------------------------------------------------------------------
doc/admin/event-logging-formats.en.rst | 12 ++++++++++++
iocore/net/P_SSLNetVConnection.h | 11 +++++++++++
iocore/net/SSLNetVConnection.cc | 3 ++-
iocore/net/SSLUtils.cc | 4 ++++
lib/ts/apidefs.h.in | 1 +
proxy/InkAPI.cc | 8 ++++++++
proxy/api/ts/ts.h | 1 +
proxy/http/HttpSM.cc | 12 ++++++++++--
proxy/http/HttpSM.h | 2 ++
proxy/logging/Log.cc | 10 ++++++++++
proxy/logging/LogAccess.cc | 18 ++++++++++++++++++
proxy/logging/LogAccess.h | 2 ++
proxy/logging/LogAccessHttp.cc | 28 ++++++++++++++++++++++++++++
proxy/logging/LogAccessHttp.h | 2 ++
14 files changed, 111 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/71752c74/doc/admin/event-logging-formats.en.rst
----------------------------------------------------------------------
diff --git a/doc/admin/event-logging-formats.en.rst b/doc/admin/event-logging-formats.en.rst
index 2687bc1..178a8a9 100644
--- a/doc/admin/event-logging-formats.en.rst
+++ b/doc/admin/event-logging-formats.en.rst
@@ -170,6 +170,18 @@ The following list describes Traffic Server custom logging fields.
mm is the two-digit minutes value, and ss is the 2-digit seconds
value (for example, 16:01:19).
+.. _cqtr:
+
+``cqtr``
+ The TCP reused status; indicates if this request went through an
+ already established connection.
+
+.. _cqssr:
+
+``cqssr``
+ The SSL session/ticket reused status; indicates if this request hit
+ the SSL session/ticket and avoided a full SSL handshake.
+
.. _cqtx:
``cqtx``
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/71752c74/iocore/net/P_SSLNetVConnection.h
----------------------------------------------------------------------
diff --git a/iocore/net/P_SSLNetVConnection.h b/iocore/net/P_SSLNetVConnection.h
index e71d76e..6a583f5 100644
--- a/iocore/net/P_SSLNetVConnection.h
+++ b/iocore/net/P_SSLNetVConnection.h
@@ -107,6 +107,16 @@ public:
{
sslClientConnection = state;
};
+ virtual void
+ setSSLSessionCacheHit(bool state)
+ {
+ sslSessionCacheHit = state;
+ };
+ virtual bool
+ getSSLSessionCacheHit()
+ {
+ return sslSessionCacheHit;
+ };
int sslServerHandShakeEvent(int &err);
int sslClientHandShakeEvent(int &err);
virtual void net_read_io(NetHandler *nh, EThread *lthread);
@@ -250,6 +260,7 @@ private:
bool sslHandShakeComplete;
bool sslClientConnection;
bool sslClientRenegotiationAbort;
+ bool sslSessionCacheHit;
MIOBuffer *handShakeBuffer;
IOBufferReader *handShakeHolder;
IOBufferReader *handShakeReader;
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/71752c74/iocore/net/SSLNetVConnection.cc
----------------------------------------------------------------------
diff --git a/iocore/net/SSLNetVConnection.cc b/iocore/net/SSLNetVConnection.cc
index 2524bbb..b50f058 100644
--- a/iocore/net/SSLNetVConnection.cc
+++ b/iocore/net/SSLNetVConnection.cc
@@ -790,7 +790,7 @@ SSLNetVConnection::load_buffer_and_write(int64_t towrite, int64_t &wattempted, i
SSLNetVConnection::SSLNetVConnection()
: ssl(NULL), sslHandshakeBeginTime(0), sslLastWriteTime(0), sslTotalBytesSent(0), hookOpRequested(TS_SSL_HOOK_OP_DEFAULT),
- sslHandShakeComplete(false), sslClientConnection(false), sslClientRenegotiationAbort(false), handShakeBuffer(NULL),
+ sslHandShakeComplete(false), sslClientConnection(false), sslClientRenegotiationAbort(false), sslSessionCacheHit(false), handShakeBuffer(NULL),
handShakeHolder(NULL), handShakeReader(NULL), handShakeBioStored(0), sslPreAcceptHookState(SSL_HOOKS_INIT),
sslHandshakeHookState(HANDSHAKE_HOOKS_PRE), npnSet(NULL), npnEndpoint(NULL), sessionAcceptPtr(NULL), iobuf(NULL), reader(NULL),
eosRcvd(false)
@@ -870,6 +870,7 @@ SSLNetVConnection::free(EThread *t)
sslLastWriteTime = 0;
sslTotalBytesSent = 0;
sslClientRenegotiationAbort = false;
+ sslSessionCacheHit = false;
if (SSL_HOOKS_ACTIVE == sslPreAcceptHookState) {
Error("SSLNetVconnection freed with outstanding hook");
}
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/71752c74/iocore/net/SSLUtils.cc
----------------------------------------------------------------------
diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc
index 6f64330..bd250d1 100644
--- a/iocore/net/SSLUtils.cc
+++ b/iocore/net/SSLUtils.cc
@@ -215,6 +215,8 @@ ssl_get_cached_session(SSL *ssl, unsigned char *id, int len, int *copy)
// from the openssl built-in hash table. The external remove cb is not called
ssl_rm_cached_session(SSL_get_SSL_CTX(ssl), session);
session = NULL;
+ } else if (session) {
+ SSLNetVConnection *netvc = (SSLNetVConnection *)SSL_get_app_data(ssl);
}
}
return session;
@@ -1950,6 +1952,8 @@ ssl_callback_session_ticket(SSL *ssl, unsigned char *keyname, unsigned char *iv,
if (i != 0) // The number of tickets decrypted with "older" keys.
SSL_INCREMENT_DYN_STAT(ssl_total_tickets_verified_old_key_stat);
+ SSLNetVConnection *netvc = (SSLNetVConnection *)SSL_get_app_data(ssl);
+ netvc->setSSLSessionCacheHit(true);
// When we decrypt with an "older" key, encrypt the ticket again with the most recent key.
return (i == 0) ? 1 : 2;
}
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/71752c74/lib/ts/apidefs.h.in
----------------------------------------------------------------------
diff --git a/lib/ts/apidefs.h.in b/lib/ts/apidefs.h.in
index aa510ff..dca1ff5 100644
--- a/lib/ts/apidefs.h.in
+++ b/lib/ts/apidefs.h.in
@@ -43,6 +43,7 @@
*
*/
+#include <stdbool.h>
#include <stdint.h>
#include <sys/types.h>
#include <sys/socket.h>
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/71752c74/proxy/InkAPI.cc
----------------------------------------------------------------------
diff --git a/proxy/InkAPI.cc b/proxy/InkAPI.cc
index 16973b1..13aa19c 100644
--- a/proxy/InkAPI.cc
+++ b/proxy/InkAPI.cc
@@ -6475,6 +6475,14 @@ TSNetVConnRemoteAddrGet(TSVConn connp)
return vc->get_remote_addr();
}
+void
+TSNetVConnSSLSessionCachedHitSet(TSVConn connp, bool state)
+{
+ sdk_assert(sdk_sanity_check_iocore_structure(connp) == TS_SUCCESS);
+ SSLNetVConnection *vc = reinterpret_cast<SSLNetVConnection *>(connp);
+ vc->setSSLSessionCacheHit(state);
+}
+
TSAction
TSNetConnect(TSCont contp, sockaddr const *addr)
{
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/71752c74/proxy/api/ts/ts.h
----------------------------------------------------------------------
diff --git a/proxy/api/ts/ts.h b/proxy/api/ts/ts.h
index 882d10d..9ba2551 100644
--- a/proxy/api/ts/ts.h
+++ b/proxy/api/ts/ts.h
@@ -1704,6 +1704,7 @@ tsapi TSVConn TSTransformOutputVConnGet(TSVConn connp);
Net VConnections */
tsapi struct sockaddr const *TSNetVConnRemoteAddrGet(TSVConn vc);
+tsapi void TSNetVConnSSLCachedHitSet(TSVConn vc, bool state);
/**
Opens a network connection to the host specified by ip on the port
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/71752c74/proxy/http/HttpSM.cc
----------------------------------------------------------------------
diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc
index 37caa6e..cfd5f9c 100644
--- a/proxy/http/HttpSM.cc
+++ b/proxy/http/HttpSM.cc
@@ -276,8 +276,9 @@ HttpSM::HttpSM()
client_request_hdr_bytes(0), client_request_body_bytes(0), server_request_hdr_bytes(0), server_request_body_bytes(0),
server_response_hdr_bytes(0), server_response_body_bytes(0), client_response_hdr_bytes(0), client_response_body_bytes(0),
cache_response_hdr_bytes(0), cache_response_body_bytes(0), pushed_response_hdr_bytes(0), pushed_response_body_bytes(0),
- plugin_tag(0), plugin_id(0), hooks_set(false), cur_hook_id(TS_HTTP_LAST_HOOK), cur_hook(NULL), cur_hooks(0),
- callout_state(HTTP_API_NO_CALLOUT), terminate_sm(false), kill_this_async_done(false), parse_range_done(false)
+ client_tcp_reused(false), client_ssl_reused(false), plugin_tag(0), plugin_id(0), hooks_set(false),
+ cur_hook_id(TS_HTTP_LAST_HOOK), cur_hook(NULL), cur_hooks(0), callout_state(HTTP_API_NO_CALLOUT), terminate_sm(false),
+ kill_this_async_done(false), parse_range_done(false)
{
memset(&history, 0, sizeof(history));
memset(&vc_table, 0, sizeof(vc_table));
@@ -472,6 +473,13 @@ HttpSM::attach_client_session(HttpClientSession *client_vc, IOBufferReader *buff
ink_assert(client_vc != NULL);
ua_session = client_vc;
+
+ // Collect log & stats information
+ client_tcp_reused = (1 < ua_session->get_transact_count()) ? true : false;
+ SSLNetVConnection *ssl_vc = dynamic_cast<SSLNetVConnection *>(ua_session->get_netvc());
+ if (ssl_vc != NULL)
+ client_ssl_reused = ssl_vc->getSSLSessionCacheHit();
+
ink_release_assert(ua_session->get_half_close_flag() == false);
mutex = client_vc->mutex;
if (ua_session->debug())
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/71752c74/proxy/http/HttpSM.h
----------------------------------------------------------------------
diff --git a/proxy/http/HttpSM.h b/proxy/http/HttpSM.h
index 47f98eb..e8f3f94 100644
--- a/proxy/http/HttpSM.h
+++ b/proxy/http/HttpSM.h
@@ -493,6 +493,8 @@ public:
int64_t cache_response_body_bytes;
int pushed_response_hdr_bytes;
int64_t pushed_response_body_bytes;
+ bool client_tcp_reused;
+ bool client_ssl_reused;
TransactionMilestones milestones;
ink_hrtime api_timer;
// The next two enable plugins to tag the state machine for
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/71752c74/proxy/logging/Log.cc
----------------------------------------------------------------------
diff --git a/proxy/logging/Log.cc b/proxy/logging/Log.cc
index eee7892..6cb712e 100644
--- a/proxy/logging/Log.cc
+++ b/proxy/logging/Log.cc
@@ -454,6 +454,16 @@ Log::init_fields()
global_field_list.add(field, false);
ink_hash_table_insert(field_symbol_hash, "cqbl", field);
+ field = new LogField("client_req_tcp_reused", "cqtr", LogField::dINT, &LogAccess::marshal_client_req_tcp_reused,
+ &LogAccess::unmarshal_int_to_str);
+ global_field_list.add(field, false);
+ ink_hash_table_insert(field_symbol_hash, "cqtr", field);
+
+ field = new LogField("client_req_ssl_reused", "cqssr", LogField::dINT, &LogAccess::marshal_client_req_ssl_reused,
+ &LogAccess::unmarshal_int_to_str);
+ global_field_list.add(field, false);
+ ink_hash_table_insert(field_symbol_hash, "cqssr", field);
+
Ptr<LogFieldAliasTable> finish_status_map = make_ptr(new LogFieldAliasTable);
finish_status_map->init(N_LOG_FINISH_CODE_TYPES, LOG_FINISH_FIN, "FIN", LOG_FINISH_INTR, "INTR", LOG_FINISH_TIMEOUT, "TIMEOUT");
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/71752c74/proxy/logging/LogAccess.cc
----------------------------------------------------------------------
diff --git a/proxy/logging/LogAccess.cc b/proxy/logging/LogAccess.cc
index f43e71c..abe9886 100644
--- a/proxy/logging/LogAccess.cc
+++ b/proxy/logging/LogAccess.cc
@@ -236,6 +236,24 @@ LogAccess::marshal_client_req_body_len(char *buf)
-------------------------------------------------------------------------*/
int
+LogAccess::marshal_client_req_tcp_reused(char *buf)
+{
+ DEFAULT_INT_FIELD;
+}
+
+/*-------------------------------------------------------------------------
+ -------------------------------------------------------------------------*/
+
+int
+LogAccess::marshal_client_req_ssl_reused(char *buf)
+{
+ DEFAULT_INT_FIELD;
+}
+
+/*-------------------------------------------------------------------------
+ -------------------------------------------------------------------------*/
+
+int
LogAccess::marshal_client_finish_status_code(char *buf)
{
DEFAULT_INT_FIELD;
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/71752c74/proxy/logging/LogAccess.h
----------------------------------------------------------------------
diff --git a/proxy/logging/LogAccess.h b/proxy/logging/LogAccess.h
index 83121fd..67eff71 100644
--- a/proxy/logging/LogAccess.h
+++ b/proxy/logging/LogAccess.h
@@ -185,6 +185,8 @@ public:
inkcoreapi virtual int marshal_client_req_http_version(char *); // INT
inkcoreapi virtual int marshal_client_req_header_len(char *); // INT
inkcoreapi virtual int marshal_client_req_body_len(char *); // INT
+ inkcoreapi virtual int marshal_client_req_tcp_reused(char *); // INT
+ inkcoreapi virtual int marshal_client_req_ssl_reused(char *); // INT
inkcoreapi virtual int marshal_client_finish_status_code(char *); // INT
//
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/71752c74/proxy/logging/LogAccessHttp.cc
----------------------------------------------------------------------
diff --git a/proxy/logging/LogAccessHttp.cc b/proxy/logging/LogAccessHttp.cc
index 4b46475..c224a2e 100644
--- a/proxy/logging/LogAccessHttp.cc
+++ b/proxy/logging/LogAccessHttp.cc
@@ -601,6 +601,34 @@ LogAccessHttp::marshal_client_req_body_len(char *buf)
return INK_MIN_ALIGN;
}
+/*-------------------------------------------------------------------------
+ -------------------------------------------------------------------------*/
+
+int
+LogAccessHttp::marshal_client_req_tcp_reused(char *buf)
+{
+ if (buf) {
+ int64_t tcp_reused;
+ tcp_reused = m_http_sm->client_tcp_reused;
+ marshal_int(buf, tcp_reused);
+ }
+ return INK_MIN_ALIGN;
+}
+
+/*-------------------------------------------------------------------------
+ -------------------------------------------------------------------------*/
+
+int
+LogAccessHttp::marshal_client_req_ssl_reused(char *buf)
+{
+ if (buf) {
+ int64_t ssl_session_reused;
+ ssl_session_reused = m_http_sm->client_ssl_reused;
+ marshal_int(buf, ssl_session_reused);
+ }
+ return INK_MIN_ALIGN;
+}
+
int
LogAccessHttp::marshal_client_finish_status_code(char *buf)
{
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/71752c74/proxy/logging/LogAccessHttp.h
----------------------------------------------------------------------
diff --git a/proxy/logging/LogAccessHttp.h b/proxy/logging/LogAccessHttp.h
index 587a248..87c5b81 100644
--- a/proxy/logging/LogAccessHttp.h
+++ b/proxy/logging/LogAccessHttp.h
@@ -70,6 +70,8 @@ public:
virtual int marshal_client_req_http_version(char *); // INT
virtual int marshal_client_req_header_len(char *); // INT
virtual int marshal_client_req_body_len(char *); // INT
+ virtual int marshal_client_req_tcp_reused(char *); // INT
+ virtual int marshal_client_req_ssl_reused(char *); // INT
virtual int marshal_client_finish_status_code(char *); // INT
//