diff --git a/gennghttpxfun.py b/gennghttpxfun.py index 043e9426..1d9dc846 100755 --- a/gennghttpxfun.py +++ b/gennghttpxfun.py @@ -115,7 +115,6 @@ OPTIONS = [ "max-header-fields", "no-http2-cipher-black-list", "backend-http1-tls", - "backend-tls-session-cache-per-worker", "tls-session-cache-memcached-cert-file", "tls-session-cache-memcached-private-key-file", "tls-session-cache-memcached-address-family", diff --git a/src/shrpx.cc b/src/shrpx.cc index f84f10ea..cd00e635 100644 --- a/src/shrpx.cc +++ b/src/shrpx.cc @@ -1077,7 +1077,6 @@ void fill_default_config() { } tlsconf.session_timeout = std::chrono::hours(12); - tlsconf.downstream_session_cache_per_worker = 10000; auto &httpconf = mod_config()->http; httpconf.server_name = "nghttpx nghttp2/" NGHTTP2_VERSION; @@ -1629,11 +1628,6 @@ SSL/TLS: Allow black listed cipher suite on HTTP/2 connection. See https://tools.ietf.org/html/rfc7540#appendix-A for the complete HTTP/2 cipher suites black list. - --backend-tls-session-cache-per-worker= - Set the maximum number of backend TLS session cache - stored per worker. - Default: )" - << get_config()->tls.downstream_session_cache_per_worker << R"( HTTP/2 and SPDY: -c, --http2-max-concurrent-streams= @@ -2451,8 +2445,6 @@ int main(int argc, char **argv) { {SHRPX_OPT_REQUEST_HEADER_FIELD_BUFFER, required_argument, &flag, 104}, {SHRPX_OPT_MAX_REQUEST_HEADER_FIELDS, required_argument, &flag, 105}, {SHRPX_OPT_BACKEND_HTTP1_TLS, no_argument, &flag, 106}, - {SHRPX_OPT_BACKEND_TLS_SESSION_CACHE_PER_WORKER, required_argument, - &flag, 107}, {SHRPX_OPT_TLS_SESSION_CACHE_MEMCACHED_TLS, no_argument, &flag, 108}, {SHRPX_OPT_TLS_SESSION_CACHE_MEMCACHED_CERT_FILE, required_argument, &flag, 109}, @@ -2921,11 +2913,6 @@ int main(int argc, char **argv) { // --backend-http1-tls cmdcfgs.emplace_back(SHRPX_OPT_BACKEND_HTTP1_TLS, "yes"); break; - case 107: - // --backend-tls-session-cache-per-worker - cmdcfgs.emplace_back(SHRPX_OPT_BACKEND_TLS_SESSION_CACHE_PER_WORKER, - optarg); - break; case 108: // --tls-session-cache-memcached-tls cmdcfgs.emplace_back(SHRPX_OPT_TLS_SESSION_CACHE_MEMCACHED_TLS, "yes"); diff --git a/src/shrpx_config.cc b/src/shrpx_config.cc index 4d95ffe2..f61788b7 100644 --- a/src/shrpx_config.cc +++ b/src/shrpx_config.cc @@ -668,7 +668,6 @@ enum { SHRPX_OPTID_BACKEND_READ_TIMEOUT, SHRPX_OPTID_BACKEND_REQUEST_BUFFER, SHRPX_OPTID_BACKEND_RESPONSE_BUFFER, - SHRPX_OPTID_BACKEND_TLS_SESSION_CACHE_PER_WORKER, SHRPX_OPTID_BACKEND_TLS_SNI_FIELD, SHRPX_OPTID_BACKEND_WRITE_TIMEOUT, SHRPX_OPTID_BACKLOG, @@ -1394,9 +1393,6 @@ int option_lookup_token(const char *name, size_t namelen) { if (util::strieq_l("backend-http2-connections-per-worke", name, 35)) { return SHRPX_OPTID_BACKEND_HTTP2_CONNECTIONS_PER_WORKER; } - if (util::strieq_l("backend-tls-session-cache-per-worke", name, 35)) { - return SHRPX_OPTID_BACKEND_TLS_SESSION_CACHE_PER_WORKER; - } break; case 's': if (util::strieq_l("backend-http2-connection-window-bit", name, 35)) { @@ -2285,9 +2281,6 @@ int parse_config(const char *opt, const char *optarg, mod_config()->conn.downstream.http1_tls = util::strieq(optarg, "yes"); return 0; - case SHRPX_OPTID_BACKEND_TLS_SESSION_CACHE_PER_WORKER: - return parse_uint(&mod_config()->tls.downstream_session_cache_per_worker, - opt, optarg); case SHRPX_OPTID_TLS_SESSION_CACHE_MEMCACHED_TLS: mod_config()->tls.session_cache.memcached.tls = util::strieq(optarg, "yes"); diff --git a/src/shrpx_config.h b/src/shrpx_config.h index 1a760d9e..aba62253 100644 --- a/src/shrpx_config.h +++ b/src/shrpx_config.h @@ -210,8 +210,6 @@ constexpr char SHRPX_OPT_MAX_RESPONSE_HEADER_FIELDS[] = constexpr char SHRPX_OPT_NO_HTTP2_CIPHER_BLACK_LIST[] = "no-http2-cipher-black-list"; constexpr char SHRPX_OPT_BACKEND_HTTP1_TLS[] = "backend-http1-tls"; -constexpr char SHRPX_OPT_BACKEND_TLS_SESSION_CACHE_PER_WORKER[] = - "backend-tls-session-cache-per-worker"; constexpr char SHRPX_OPT_TLS_SESSION_CACHE_MEMCACHED_TLS[] = "tls-session-cache-memcached-tls"; constexpr char SHRPX_OPT_TLS_SESSION_CACHE_MEMCACHED_CERT_FILE[] = @@ -420,7 +418,6 @@ struct TLSConfig { std::vector npn_list; // list of supported SSL/TLS protocol strings. std::vector tls_proto_list; - size_t downstream_session_cache_per_worker; // Bit mask to disable SSL/TLS protocol versions. This will be // passed to SSL_CTX_set_options(). long int tls_proto_mask;