From ce3f913e48a68c6f079cff36b75e5d1860630b22 Mon Sep 17 00:00:00 2001
From: Willy Tarreau <w@1wt.eu>
Date: Wed, 28 May 2014 16:47:01 +0200
Subject: [PATCH] MINOR: stats: add counters for SSL cache lookups and misses

One important aspect of SSL performance tuning is the cache size,
but there's no metric to know whether it's large enough or not. This
commit introduces two counters, one for the cache lookups and another
one for cache misses. These counters are reported on "show info" on
the stats socket. This way, it suffices to see the cache misses
counter constantly grow to know that a larger cache could possibly
help.
---
 include/types/global.h | 1 +
 src/dumpstats.c        | 3 +++
 src/shctx.c            | 9 +++++----
 3 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/include/types/global.h b/include/types/global.h
index fa93cbfab..f7942b35d 100644
--- a/include/types/global.h
+++ b/include/types/global.h
@@ -98,6 +98,7 @@ struct global {
 	int sps_lim, sps_max;
 	int ssl_lim, ssl_max;
 	int ssl_fe_keys_max, ssl_be_keys_max;
+	unsigned int shctx_lookups, shctx_misses;
 	int comp_rate_lim;           /* HTTP compression rate limit */
 	int maxpipes;		/* max # of pipes */
 	int maxsock;		/* max # of sockets */
diff --git a/src/dumpstats.c b/src/dumpstats.c
index 038af887c..fcfad4a0c 100644
--- a/src/dumpstats.c
+++ b/src/dumpstats.c
@@ -2471,6 +2471,8 @@ static int stats_dump_info_to_buffer(struct stream_interface *si)
 		     "SslFrontendSessionReuse_pct: %d\n"
 		     "SslBackendKeyRate: %d\n"
 		     "SslBackendMaxKeyRate: %d\n"
+		     "SslCacheLookups: %u\n"
+		     "SslCacheMisses: %u\n"
 #endif
 	             "CompressBpsIn: %u\n"
 	             "CompressBpsOut: %u\n"
@@ -2505,6 +2507,7 @@ static int stats_dump_info_to_buffer(struct stream_interface *si)
 	             ssl_key_rate, global.ssl_fe_keys_max,
 	             ssl_reuse,
 	             read_freq_ctr(&global.ssl_be_keys_per_sec), global.ssl_be_keys_max,
+		     global.shctx_lookups, global.shctx_misses,
 #endif
 	             read_freq_ctr(&global.comp_bps_in), read_freq_ctr(&global.comp_bps_out),
 	             global.comp_rate_lim,
diff --git a/src/shctx.c b/src/shctx.c
index f33b7ca8e..a22730a48 100644
--- a/src/shctx.c
+++ b/src/shctx.c
@@ -18,16 +18,14 @@
 #else
 #ifdef USE_SYSCALL_FUTEX
 #include <unistd.h>
-#ifndef u32
-#define u32 unsigned int
-#endif
 #include <linux/futex.h>
 #include <sys/syscall.h>
 #endif
 #endif
 #endif
 #include <arpa/inet.h>
-#include "ebmbtree.h"
+#include <ebmbtree.h>
+#include <types/global.h>
 #include "proto/shctx.h"
 
 struct shsess_packet_hdr {
@@ -440,6 +438,8 @@ SSL_SESSION *shctx_get_cb(SSL *ssl, unsigned char *key, int key_len, int *do_cop
 	int data_len;
 	SSL_SESSION *sess;
 
+	global.shctx_lookups++;
+
 	/* allow the session to be freed automatically by openssl */
 	*do_copy = 0;
 
@@ -458,6 +458,7 @@ SSL_SESSION *shctx_get_cb(SSL *ssl, unsigned char *key, int key_len, int *do_cop
 	if (!shsess) {
 		/* no session found: unlock cache and exit */
 		shared_context_unlock();
+		global.shctx_misses++;
 		return NULL;
 	}
 
-- 
2.47.3