[thirdparty/squid.git] / src / ssl / context_storage.h

/*
 * Copyright (C) 1996-2020 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

#ifndef SQUID_SSL_CONTEXT_STORAGE_H
#define SQUID_SSL_CONTEXT_STORAGE_H

#if USE_OPENSSL

#include "base/LruMap.h"
#include "CacheManager.h"
#include "compat/openssl.h"
#include "ip/Address.h"
#include "mgr/Action.h"
#include "mgr/Command.h"
#include "security/forward.h"
#include "SquidTime.h"
#include "ssl/gadgets.h"

#include <list>
#include <map>
#if HAVE_OPENSSL_SSL_H
#include <openssl/ssl.h>
#endif

/// TODO: Replace on real size.
#define SSL_CTX_SIZE 1024

namespace  Ssl
{

/** Reports cached SSL certificate stats to Cache Manager.
 * TODO: Use "Report" functions instead friend class.
 */
class CertificateStorageAction : public Mgr::Action
{
public:
    CertificateStorageAction(const Mgr::Command::Pointer &cmd);
    static Pointer Create(const Mgr::Command::Pointer &cmd);
    virtual void dump (StoreEntry *sentry);
    /**
     * We do not support aggregation of information across workers
     * TODO: aggregate these stats
     */
    virtual bool aggregatable() const { return false; }
};

typedef LruMap<SBuf, Security::ContextPointer, SSL_CTX_SIZE> LocalContextStorage;

/// Class for storing/manipulating LocalContextStorage per local listening address/port.
class GlobalContextStorage
{
    friend class CertificateStorageAction;
public:
    GlobalContextStorage();
    ~GlobalContextStorage();
    /// Create new SSL context storage for the local listening address/port.
    void addLocalStorage(Ip::Address const & address, size_t size_of_store);
    /// Return the local storage for the given listening address/port.
    LocalContextStorage *getLocalStorage(Ip::Address const & address);
    /// When reconfigring should be called this method.
    void reconfigureStart();
private:
    /// Called by getLocalStorage method
    void reconfigureFinish();
    bool reconfiguring; ///< True if system reconfiguring now.
    /// Storage used on configure or reconfigure.
    std::map<Ip::Address, size_t> configureStorage;
    /// Map for storing all local ip address and their local storages.
    std::map<Ip::Address, LocalContextStorage *> storage;
};

/// Global cache for store all SSL server certificates.
extern GlobalContextStorage TheGlobalContextStorage;
} //namespace Ssl
#endif // USE_OPENSSL

#endif // SQUID_SSL_CONTEXT_STORAGE_H
Commit	Line	Data
bbc27441	1	/*
77b1029d	2	* Copyright (C) 1996-2020 The Squid Software Foundation and contributors
bbc27441 AJ	3	*
	4	* Squid software is distributed under GPLv2+ license and includes
	5	* contributions from numerous individuals and organizations.
	6	* Please see the COPYING and CONTRIBUTORS files for details.
	7	*/
	8
95d2589c CT	9	#ifndef SQUID_SSL_CONTEXT_STORAGE_H
	10	#define SQUID_SSL_CONTEXT_STORAGE_H
	11
cb4f4424	12	#if USE_OPENSSL
95d2589c	13
14798e73	14	#include "base/LruMap.h"
95d2589c	15	#include "CacheManager.h"
24b30fdc	16	#include "compat/openssl.h"
c6983ec7	17	#include "ip/Address.h"
95d2589c CT	18	#include "mgr/Action.h"
95d2589c CT	19	#include "mgr/Command.h"
3db3be00	20	#include "security/forward.h"
602d9612	21	#include "SquidTime.h"
14798e73	22	#include "ssl/gadgets.h"
074d6a40	23
95d2589c	24	#include <list>
074d6a40	25	#include <map>
cb4f4424	26	#if HAVE_OPENSSL_SSL_H
a011edee	27	#include <openssl/ssl.h>
cb4f4424	28	#endif
a011edee	29
95d2589c CT	30	/// TODO: Replace on real size.
	31	#define SSL_CTX_SIZE 1024
	32
	33	namespace Ssl
	34	{
	35
	36	/** Reports cached SSL certificate stats to Cache Manager.
	37	* TODO: Use "Report" functions instead friend class.
	38	*/
	39	class CertificateStorageAction : public Mgr::Action
	40	{
	41	public:
	42	CertificateStorageAction(const Mgr::Command::Pointer &cmd);
	43	static Pointer Create(const Mgr::Command::Pointer &cmd);
	44	virtual void dump (StoreEntry *sentry);
	45	/**
	46	* We do not support aggregation of information across workers
	47	* TODO: aggregate these stats
	48	*/
	49	virtual bool aggregatable() const { return false; }
	50	};
	51
5107d2c4	52	typedef LruMap<SBuf, Security::ContextPointer, SSL_CTX_SIZE> LocalContextStorage;
95d2589c	53
95d2589c CT	54	/// Class for storing/manipulating LocalContextStorage per local listening address/port.
	55	class GlobalContextStorage
	56	{
	57	friend class CertificateStorageAction;
	58	public:
	59	GlobalContextStorage();
	60	~GlobalContextStorage();
	61	/// Create new SSL context storage for the local listening address/port.
	62	void addLocalStorage(Ip::Address const & address, size_t size_of_store);
	63	/// Return the local storage for the given listening address/port.
9873e378	64	LocalContextStorage *getLocalStorage(Ip::Address const & address);
95d2589c CT	65	/// When reconfigring should be called this method.
	66	void reconfigureStart();
	67	private:
	68	/// Called by getLocalStorage method
	69	void reconfigureFinish();
	70	bool reconfiguring; ///< True if system reconfiguring now.
	71	/// Storage used on configure or reconfigure.
	72	std::map<Ip::Address, size_t> configureStorage;
	73	/// Map for storing all local ip address and their local storages.
	74	std::map<Ip::Address, LocalContextStorage *> storage;
	75	};
	76
	77	/// Global cache for store all SSL server certificates.
	78	extern GlobalContextStorage TheGlobalContextStorage;
	79	} //namespace Ssl
cb4f4424	80	#endif // USE_OPENSSL
95d2589c CT	81
95d2589c CT	82	#endif // SQUID_SSL_CONTEXT_STORAGE_H
f53969cc	83