Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable client side session cache when using native SSL by default #13562

Merged
merged 1 commit into from Aug 24, 2023
Merged

Enable client side session cache when using native SSL by default #13562

merged 1 commit into from Aug 24, 2023

Conversation

normanmaurer
Copy link
Member

Motivation:

When we introduced support for client side session caching for our native SSL implementation we disabled it by default as some java versions had a bug that could result in a NPE. This was fixed for all java versions >= 8 for a while. Let's enable it by default so people will receive the performance gains with the need to adjust properties.

Related JDK ticket:
https://bugs.openjdk.org/browse/JDK-8241248

Modifications:

Set io.netty.handler.ssl.openssl.sessionCacheClient to true by default

Result:

Enable client session caching by default.

@normanmaurer
Enable client side session cache when using native SSL by default
a7494f9 
Motivation:

When we introduced support for client side session caching for our native SSL implementation we disabled it by default as some java versions had a bug that could result in a NPE. This was fixed for all java versions >= 8 for a while. Let's enable it by default so people will receive the performance gains with the need to adjust properties.

Related JDK ticket:
https://bugs.openjdk.org/browse/JDK-8241248

Modifications:

Set io.netty.handler.ssl.openssl.sessionCacheClient to true by default

Result:

Enable client session caching by default.
@normanmaurer normanmaurer added this to the 4.1.97.Final milestone Aug 22, 2023
@normanmaurer
Copy link
Member Author

/cc @trustin

@hyperxpro
Copy link
Contributor

Do we have an end-to-end caching unit test?

@normanmaurer
Copy link
Member Author

@hyperxpro yes tests are already there

hyperxpro
hyperxpro reviewed Aug 22, 2023
View reviewed changes
handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslContext.java
@@ -115,10 +115,8 @@ public abstract class ReferenceCountedOpenSslContext extends SslContext implemen

static final boolean SERVER_ENABLE_SESSION_CACHE =
SystemPropertyUtil.getBoolean("io.netty.handler.ssl.openssl.sessionCacheServer", true);
// session caching is disabled by default on the client side due a JDK bug:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's update this comment then stating it is now enabled from being disabled previously. Also, let's add a logger for this in the static block so people can explicitly know that it's turned on now.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

honestly I think there is no need for a comment or static logger

@normanmaurer normanmaurer merged commit 215329f into 4.1 Aug 24, 2023
14 checks passed
@normanmaurer normanmaurer deleted the enable_client_cache branch August 24, 2023 08:54
normanmaurer added a commit that referenced this pull request Aug 24, 2023
@normanmaurer
Enable client side session cache when using native SSL by default (#1…
39e648d 
…3562)

Motivation:

When we introduced support for client side session caching for our
native SSL implementation we disabled it by default as some java
versions had a bug that could result in a NPE. This was fixed for all
java versions >= 8 for a while. Let's enable it by default so people
will receive the performance gains with the need to adjust properties.

Related JDK ticket:
https://bugs.openjdk.org/browse/JDK-8241248

Modifications:

Set io.netty.handler.ssl.openssl.sessionCacheClient to true by default

Result:

Enable client session caching by default.
violetagg added a commit to reactor/reactor-netty that referenced this pull request Aug 30, 2023
@violetagg
[test] Adapt SslProviderTests to a change in Netty SNAPSHOT
b83cc8a 
netty/netty#13562
This change enables client side session cache when using native SSL by default

The current CI build with Netty SNAPSHOT fails
https://github.com/reactor/reactor-netty/actions/runs/6025947526
@violetagg violetagg mentioned this pull request Aug 30, 2023
Merged
violetagg added a commit to reactor/reactor-netty that referenced this pull request Aug 30, 2023
@violetagg
Adapt SslProviderTests to a change in Netty SNAPSHOT (#2887)
4abc308 
netty/netty#13562
This change enables client side session cache when using native SSL by default

The current CI build with Netty SNAPSHOT fails
https://github.com/reactor/reactor-netty/actions/runs/6025947526
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hyperxpro hyperxpro hyperxpro left review comments

@chrisvest chrisvest chrisvest approved these changes

@franz1981 franz1981 Awaiting requested review from franz1981

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
4.1.98.Final
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@normanmaurer @hyperxpro @chrisvest