src/ssl/context_storage.cc

   1 /*
   2  * Copyright (C) 1996-2018 The Squid Software Foundation and contributors
   3  *
   4  * Squid software is distributed under GPLv2+ license and includes
   5  * contributions from numerous individuals and organizations.
   6  * Please see the COPYING and CONTRIBUTORS files for details.
   7  */
   8
   9 #include "squid.h"
  10 #include "base/PackableStream.h"
  11 #include "mgr/Registration.h"
  12 #include "ssl/context_storage.h"
  13 #include "Store.h"
  14
  15 #include <limits>
  16 #if HAVE_OPENSSL_SSL_H
  17 #include <openssl/ssl.h>
  18 #endif
  19
  20 Ssl::CertificateStorageAction::CertificateStorageAction(const Mgr::Command::Pointer &aCmd)
  21     :   Mgr::Action(aCmd)
  22 {}
  23
  24 Ssl::CertificateStorageAction::Pointer
  25 Ssl::CertificateStorageAction::Create(const Mgr::Command::Pointer &aCmd)
  26 {
  27     return new CertificateStorageAction(aCmd);
  28 }
  29
  30 void Ssl::CertificateStorageAction::dump (StoreEntry *sentry)
  31 {
  32     PackableStream stream(*sentry);
  33     const char delimiter = '\t';
  34     const char endString = '\n';
  35     // Page title.
  36     stream << "Cached ssl certificates statistic.\n";
  37     // Title of statistic table.
  38     stream << "Port" << delimiter << "Max mem(KB)" << delimiter << "Cert number" << delimiter << "KB/cert" << delimiter << "Mem used(KB)" << delimiter << "Mem free(KB)" << endString;
  39
  40     // Add info for each port.
  41     for (std::map<Ip::Address, LocalContextStorage *>::iterator i = TheGlobalContextStorage.storage.begin(); i != TheGlobalContextStorage.storage.end(); ++i) {
  42         stream << i->first << delimiter;
  43         LocalContextStorage & ssl_store_policy(*(i->second));
  44         stream << ssl_store_policy.memLimit() / 1024 << delimiter;
  45         stream << ssl_store_policy.entries() << delimiter;
  46         stream << SSL_CTX_SIZE / 1024 << delimiter;
  47         stream << ssl_store_policy.size() / 1024 << delimiter;
  48         stream << ssl_store_policy.freeMem() / 1024 << endString;
  49     }
  50     stream << endString;
  51     stream.flush();
  52 }
  53
  54 ///////////////////////////////////////////////////////
  55
  56 Ssl::GlobalContextStorage::GlobalContextStorage()
  57     :   reconfiguring(true)
  58 {
  59     RegisterAction("cached_ssl_cert", "Statistic of cached generated ssl certificates", &CertificateStorageAction::Create, 0, 1);
  60 }
  61
  62 Ssl::GlobalContextStorage::~GlobalContextStorage()
  63 {
  64     for (std::map<Ip::Address, LocalContextStorage *>::iterator i = storage.begin(); i != storage.end(); ++i) {
  65         delete i->second;
  66     }
  67 }
  68
  69 void Ssl::GlobalContextStorage::addLocalStorage(Ip::Address const & address, size_t size_of_store)
  70 {
  71     assert(reconfiguring);
  72     configureStorage.insert(std::pair<Ip::Address, size_t>(address, size_of_store));
  73 }
  74
  75 Ssl::LocalContextStorage *Ssl::GlobalContextStorage::getLocalStorage(Ip::Address const & address)
  76 {
  77     reconfigureFinish();
  78     std::map<Ip::Address, LocalContextStorage *>::iterator i = storage.find(address);
  79
  80     if (i == storage.end())
  81         return NULL;
  82     else
  83         return i->second;
  84 }
  85
  86 void Ssl::GlobalContextStorage::reconfigureStart()
  87 {
  88     configureStorage.clear();
  89     reconfiguring = true;
  90 }
  91
  92 void Ssl::GlobalContextStorage::reconfigureFinish()
  93 {
  94     if (reconfiguring) {
  95         reconfiguring = false;
  96
  97         // remove or change old local storages.
  98         for (std::map<Ip::Address, LocalContextStorage *>::iterator i = storage.begin(); i != storage.end();) {
  99             std::map<Ip::Address, size_t>::iterator conf_i = configureStorage.find(i->first);
 100             if (conf_i == configureStorage.end() || conf_i->second <= 0) {
 101                 delete i->second;
 102                 storage.erase(i++);
 103             } else {
 104                 i->second->setMemLimit(conf_i->second);
 105                 ++i;
 106             }
 107         }
 108
 109         // add new local storages.
 110         for (std::map<Ip::Address, size_t>::iterator conf_i = configureStorage.begin(); conf_i != configureStorage.end(); ++conf_i ) {
 111             if (storage.find(conf_i->first) == storage.end() && conf_i->second > 0) {
 112                 storage.insert(std::pair<Ip::Address, LocalContextStorage *>(conf_i->first, new LocalContextStorage(-1, conf_i->second)));
 113             }
 114         }
 115     }
 116 }
 117
 118 Ssl::GlobalContextStorage Ssl::TheGlobalContextStorage;
 119