[thirdparty/squid.git] / src / ssl / context_storage.h

/*
 * $Id$
 */

#ifndef SQUID_SSL_CONTEXT_STORAGE_H
#define SQUID_SSL_CONTEXT_STORAGE_H

#if USE_SSL

#include "SquidTime.h"
#include "CacheManager.h"
#include "mgr/Action.h"
#include "mgr/Command.h"
#if HAVE_MAP
#include <map>
#endif
#if HAVE_LIST
#include <list>
#endif
#include <openssl/ssl.h>


/// TODO: Replace on real size.
#define SSL_CTX_SIZE 1024

namespace  Ssl
{

/** Reports cached SSL certificate stats to Cache Manager.
 * TODO: Use "Report" functions instead friend class.
 */
class CertificateStorageAction : public Mgr::Action
{
public:
    CertificateStorageAction(const Mgr::Command::Pointer &cmd);
    static Pointer Create(const Mgr::Command::Pointer &cmd);
    virtual void dump (StoreEntry *sentry);
    /**
     * We do not support aggregation of information across workers
     * TODO: aggregate these stats
     */
    virtual bool aggregatable() const { return false; }
};

/**
 * Memory cache for store generated SSL context. Enforces total size limits
 * using an LRU algorithm.
 */
class LocalContextStorage
{
    friend class CertificateStorageAction;
public:
    /// Cache item is an (SSL_CTX, host name) tuple.
    class Item
    {
    public:
        Item(SSL_CTX * aSsl_ctx, std::string const & aName);
        ~Item();
    public:
        SSL_CTX * ssl_ctx; ///< The SSL context.
        std::string host_name; ///< The host name of the SSL context.
    };

    typedef std::list<Item *> Queue;
    typedef Queue::iterator QueueIterator;

    /// host_name:queue_item mapping for fast lookups by host name
    typedef std::map<std::string, QueueIterator> Map;
    typedef Map::iterator MapIterator;
    typedef std::pair<std::string, QueueIterator> MapPair;

    LocalContextStorage(size_t aMax_memory);
    ~LocalContextStorage();
    /// Set maximum memory size for this storage.
    void SetSize(size_t aMax_memory);
    /// Return a pointer to the  added ssl_ctx or NULL if fails (eg. max cache size equal 0).
    SSL_CTX * add(char const * host_name, SSL_CTX * ssl_ctx);
    /// Find SSL_CTX in storage by host name. Lru queue will be updated.
    SSL_CTX * find(char const * host_name);
    void remove(char const * host_name); ///< Delete the SSL context by hostname

private:
    void purgeOne(); ///< Delete oldest object.
    /// Delete object by iterator. It is used in deletePurge() and remove(...) methods.
    void deleteAt(MapIterator i);

    size_t max_memory; ///< Max cache size.
    size_t memory_used; ///< Used cache size.
    Map storage; ///< The hostnames/SSL_CTX * pairs
    Queue lru_queue; ///< LRU cache index
};

/// Class for storing/manipulating LocalContextStorage per local listening address/port.
class GlobalContextStorage
{
    friend class CertificateStorageAction;
public:
    GlobalContextStorage();
    ~GlobalContextStorage();
    /// Create new SSL context storage for the local listening address/port.
    void addLocalStorage(Ip::Address const & address, size_t size_of_store);
    /// Return the local storage for the given listening address/port.
    LocalContextStorage & getLocalStorage(Ip::Address const & address);
    /// When reconfigring should be called this method.
    void reconfigureStart();
private:
    /// Called by getLocalStorage method
    void reconfigureFinish();
    bool reconfiguring; ///< True if system reconfiguring now.
    /// Storage used on configure or reconfigure.
    std::map<Ip::Address, size_t> configureStorage;
    /// Map for storing all local ip address and their local storages.
    std::map<Ip::Address, LocalContextStorage *> storage;
};

/// Global cache for store all SSL server certificates.
extern GlobalContextStorage TheGlobalContextStorage;
} //namespace Ssl
#endif // USE_SSL

#endif // SQUID_SSL_CONTEXT_STORAGE_H
Commit	Line	Data
95d2589c CT	1	/*
	2	* $Id$
	3	*/
	4
	5	#ifndef SQUID_SSL_CONTEXT_STORAGE_H
	6	#define SQUID_SSL_CONTEXT_STORAGE_H
	7
	8	#if USE_SSL
	9
	10	#include "SquidTime.h"
	11	#include "CacheManager.h"
	12	#include "mgr/Action.h"
	13	#include "mgr/Command.h"
	14	#if HAVE_MAP
	15	#include <map>
	16	#endif
	17	#if HAVE_LIST
	18	#include <list>
	19	#endif
a011edee FC	20	#include <openssl/ssl.h>
a011edee FC	21
95d2589c CT	22
	23	/// TODO: Replace on real size.
	24	#define SSL_CTX_SIZE 1024
	25
	26	namespace Ssl
	27	{
	28
	29	/** Reports cached SSL certificate stats to Cache Manager.
	30	* TODO: Use "Report" functions instead friend class.
	31	*/
	32	class CertificateStorageAction : public Mgr::Action
	33	{
	34	public:
	35	CertificateStorageAction(const Mgr::Command::Pointer &cmd);
	36	static Pointer Create(const Mgr::Command::Pointer &cmd);
	37	virtual void dump (StoreEntry *sentry);
	38	/**
	39	* We do not support aggregation of information across workers
	40	* TODO: aggregate these stats
	41	*/
	42	virtual bool aggregatable() const { return false; }
	43	};
	44
	45	/**
	46	* Memory cache for store generated SSL context. Enforces total size limits
	47	* using an LRU algorithm.
	48	*/
	49	class LocalContextStorage
	50	{
	51	friend class CertificateStorageAction;
	52	public:
	53	/// Cache item is an (SSL_CTX, host name) tuple.
	54	class Item
	55	{
	56	public:
	57	Item(SSL_CTX * aSsl_ctx, std::string const & aName);
	58	~Item();
	59	public:
	60	SSL_CTX * ssl_ctx; ///< The SSL context.
	61	std::string host_name; ///< The host name of the SSL context.
	62	};
	63
	64	typedef std::list<Item *> Queue;
	65	typedef Queue::iterator QueueIterator;
	66
	67	/// host_name:queue_item mapping for fast lookups by host name
	68	typedef std::map<std::string, QueueIterator> Map;
	69	typedef Map::iterator MapIterator;
	70	typedef std::pair<std::string, QueueIterator> MapPair;
	71
	72	LocalContextStorage(size_t aMax_memory);
	73	~LocalContextStorage();
	74	/// Set maximum memory size for this storage.
	75	void SetSize(size_t aMax_memory);
	76	/// Return a pointer to the added ssl_ctx or NULL if fails (eg. max cache size equal 0).
	77	SSL_CTX * add(char const * host_name, SSL_CTX * ssl_ctx);
	78	/// Find SSL_CTX in storage by host name. Lru queue will be updated.
	79	SSL_CTX * find(char const * host_name);
	80	void remove(char const * host_name); ///< Delete the SSL context by hostname
	81
	82	private:
	83	void purgeOne(); ///< Delete oldest object.
	84	/// Delete object by iterator. It is used in deletePurge() and remove(...) methods.
	85	void deleteAt(MapIterator i);
86
87	size_t max_memory; ///< Max cache size.
88	size_t memory_used; ///< Used cache size.
89	Map storage; ///< The hostnames/SSL_CTX * pairs
90	Queue lru_queue; ///< LRU cache index
91	};
92
95d2589c CT	93	/// Class for storing/manipulating LocalContextStorage per local listening address/port.
	94	class GlobalContextStorage
	95	{
	96	friend class CertificateStorageAction;
	97	public:
	98	GlobalContextStorage();
	99	~GlobalContextStorage();
	100	/// Create new SSL context storage for the local listening address/port.
	101	void addLocalStorage(Ip::Address const & address, size_t size_of_store);
	102	/// Return the local storage for the given listening address/port.
	103	LocalContextStorage & getLocalStorage(Ip::Address const & address);
	104	/// When reconfigring should be called this method.
	105	void reconfigureStart();
	106	private:
	107	/// Called by getLocalStorage method
	108	void reconfigureFinish();
	109	bool reconfiguring; ///< True if system reconfiguring now.
	110	/// Storage used on configure or reconfigure.
	111	std::map<Ip::Address, size_t> configureStorage;
	112	/// Map for storing all local ip address and their local storages.
	113	std::map<Ip::Address, LocalContextStorage *> storage;
	114	};
	115
	116	/// Global cache for store all SSL server certificates.
	117	extern GlobalContextStorage TheGlobalContextStorage;
	118	} //namespace Ssl
	119	#endif // USE_SSL
	120
	121	#endif // SQUID_SSL_CONTEXT_STORAGE_H