28 May
2010
28 May
'10
7:44 a.m.
Module: sip-router
Branch: andrei/tcp_tls_changes
Commit: e40e993ef9039ace73caae09e983abd328ee28fc
URL:
http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=e40e993…
Author: Andrei Pelinescu-Onciul <andrei(a)iptel.org>
Committer: Andrei Pelinescu-Onciul <andrei(a)iptel.org>
Date: Fri May 28 12:35:07 2010 +0200
tls: migrated to the runtime cfg framework
- moved all the module params to runtime config. Most of the
variables are read-only (for now) with the following exceptions:
config - can be changed at runtime and if followed by a
tls.realod, the configuration from the new file will
be loaded.
log
connection_timeout
low_mem_threshold1
low_mem_threshold2
- renamed tls_fix_cfg() to tls_fix_domains_cfg() to avoid
confusion with the runtime cfg (named tls_cfg).
---
modules/tls/tls_cfg.c | 222 +++++++++++++++++++++++++++++++++++++++++++++
modules/tls/tls_cfg.h | 102 +++++++++++++++++++++
modules/tls/tls_config.c | 1 +
modules/tls/tls_domain.c | 32 +++++--
modules/tls/tls_domain.h | 2 +-
modules/tls/tls_dump_vf.c | 4 +
modules/tls/tls_init.c | 89 ++++++++++--------
modules/tls/tls_init.h | 5 -
modules/tls/tls_mod.c | 195 ++++++++++++----------------------------
modules/tls/tls_mod.h | 8 --
modules/tls/tls_rpc.c | 6 +-
modules/tls/tls_select.c | 5 +-
modules/tls/tls_server.c | 18 +++-
13 files changed, 484 insertions(+), 205 deletions(-)
Diff:
http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commitdiff;h=e40…
28 May
28 May
9:10 a.m.
New subject: git:andrei/tcp_tls_changes: tls: migrated to the runtime cfg framework
Am 28.05.2010 13:44, schrieb Andrei Pelinescu-Onciul:
config - can be changed at runtime and if
followed by a
tls.realod, the configuration from the new file will
be loaded.
Andrei, the module README still states:
TLS specific config reloading is not safe, so for now
better
don't use it, especially under heavy traffic.
Is this still the case?
regards
Klaus
1:57 p.m.
New subject: git:andrei/tcp_tls_changes: tls: migrated to the runtime cfg framework
On May 28, 2010 at 15:10, Klaus Darilion <klaus.mailinglists(a)pernau.at> wrote:
Am 28.05.2010 13:44, schrieb Andrei Pelinescu-Onciul:
Yes, there is a race condition when loading the config. It's very hard
to trigger (since the tls domain configs are kept around for some time in an
attempt to avoid this race) and probably if you don't continuously reload
the config while having very heavy tls traffic and some swapping you'll
never be able to trigger it.
Anyway it should be fixed (transformed into something race-free,
similar with the runtime changes in the cfg framework).
Andrei
config - can be changed at runtime and if
followed by a
tls.realod, the configuration from the new file will
be loaded.
Andrei, the module README still states:
TLS specific config reloading is not safe, so for
now better
don't use it, especially under heavy traffic.
Is this still the case?
5226
days inactive
5226
days old
2 comments
2 participants
participants (2)
-
Andrei Pelinescu-Onciul -
Klaus Darilion