Adds metrics and log fields for tracking TLS handshake bytes#12763
Open
zwoop wants to merge 4 commits intoapache:masterfrom
Open
Adds metrics and log fields for tracking TLS handshake bytes#12763zwoop wants to merge 4 commits intoapache:masterfrom
zwoop wants to merge 4 commits intoapache:masterfrom
Conversation
zwoop
force-pushed
the
HandshakeMetrics
branch
4 times, most recently
from
3bfc675 to
9300fc0
Compare
maskit
reviewed
Dec 16, 2025
maskit
reviewed
Dec 16, 2025
maskit
reviewed
Dec 16, 2025
zwoop
force-pushed
the
HandshakeMetrics
branch
2 times, most recently
from
f43460e to
da26361
Compare
Contributor
Author
|
I think I've addressed @maskit's concerns in the latest update. |
maskit
reviewed
Dec 16, 2025
zwoop
force-pushed
the
HandshakeMetrics
branch
from
da26361 to
b6515d9
Compare
bneradt
requested changes
Feb 21, 2026
bneradt
previously requested changes
Feb 21, 2026
Add txn log fields for the same HS metrics Requestor: Craig T.
zwoop
force-pushed
the
HandshakeMetrics
branch
from
b6515d9 to
088345b
Compare
Contributor
There was a problem hiding this comment.
Pull request overview
This PR adds visibility into the network cost of TLS handshakes by exposing handshake byte counts as both process metrics and new logging fields. It integrates the measurement at the TLS layer (BIO byte counters) and surfaces it through HttpUserAgent/LogAccess, with documentation updates for the new log format tokens.
Changes:
- Add TLS handshake byte capture to
TLSBasicSupportand increment new process counters onSSL_CB_HANDSHAKE_DONE. - Introduce new logging fields for handshake bytes (rx/tx/total) and “squid length + handshake bytes” variants for first transactions.
- Document the new log format symbols in the admin guide.
Reviewed changes
Copilot reviewed 11 out of 11 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
src/proxy/logging/LogAccess.cc |
Adds marshalers for new TLS-handshake-related log fields and squid-len+TLS variants. |
src/proxy/logging/Log.cc |
Registers new log fields and short symbols (cqqtl, cthbr, cthbt, cthb, psqtl). |
src/iocore/net/TLSBasicSupport.cc |
Implements handshake byte retrieval/caching via BIO counters. |
src/iocore/net/SSLUtils.cc |
Increments new handshake-byte metrics when the handshake completes. |
src/iocore/net/SSLStats.h / src/iocore/net/SSLStats.cc |
Adds and initializes new counters for total handshake bytes in/out. |
include/proxy/logging/LogAccess.h |
Declares new LogAccess marshalers. |
include/proxy/http/HttpUserAgent.h |
Stores TLS handshake rx/tx bytes and early-data length into ClientConnectionInfo. |
include/iocore/net/TLSBasicSupport.h |
Declares get_tls_handshake_bytes(). |
src/iocore/net/SSLNetVConnection.cc |
Minor formatting adjustment in clear(). |
doc/admin-guide/logging/formatting.en.rst |
Documents new log symbols and descriptions. |
- Use _tls_handshake_bytes_measured flag instead of > 0 sentinel, so the cache works correctly when both byte counts are zero - Use std::min() when subtracting early data from handshake_rx to handle the == case and prevent underflow - Add static_cast<int64_t> to marshal_int calls for rx/tx bytes
Contributor
Author
|
[approve ci centos] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.