src/ssl/context_storage.h

   1 /*
   2  * Copyright (C) 1996-2018 The Squid Software Foundation and contributors
   3  *
   4  * Squid software is distributed under GPLv2+ license and includes
   5  * contributions from numerous individuals and organizations.
   6  * Please see the COPYING and CONTRIBUTORS files for details.
   7  */
   8
   9 #ifndef SQUID_SSL_CONTEXT_STORAGE_H
  10 #define SQUID_SSL_CONTEXT_STORAGE_H
  11
  12 #if USE_OPENSSL
  13
  14 #include "base/LruMap.h"
  15 #include "CacheManager.h"
  16 #include "ip/Address.h"
  17 #include "mgr/Action.h"
  18 #include "mgr/Command.h"
  19 #include "security/forward.h"
  20 #include "SquidTime.h"
  21 #include "ssl/gadgets.h"
  22
  23 #include <list>
  24 #include <map>
  25 #if HAVE_OPENSSL_SSL_H
  26 #include <openssl/ssl.h>
  27 #endif
  28
  29 /// TODO: Replace on real size.
  30 #define SSL_CTX_SIZE 1024
  31
  32 namespace  Ssl
  33 {
  34
  35 /** Reports cached SSL certificate stats to Cache Manager.
  36  * TODO: Use "Report" functions instead friend class.
  37  */
  38 class CertificateStorageAction : public Mgr::Action
  39 {
  40 public:
  41     CertificateStorageAction(const Mgr::Command::Pointer &cmd);
  42     static Pointer Create(const Mgr::Command::Pointer &cmd);
  43     virtual void dump (StoreEntry *sentry);
  44     /**
  45      * We do not support aggregation of information across workers
  46      * TODO: aggregate these stats
  47      */
  48     virtual bool aggregatable() const { return false; }
  49 };
  50
  51 typedef LruMap<SBuf, Security::ContextPointer, SSL_CTX_SIZE> LocalContextStorage;
  52
  53 /// Class for storing/manipulating LocalContextStorage per local listening address/port.
  54 class GlobalContextStorage
  55 {
  56     friend class CertificateStorageAction;
  57 public:
  58     GlobalContextStorage();
  59     ~GlobalContextStorage();
  60     /// Create new SSL context storage for the local listening address/port.
  61     void addLocalStorage(Ip::Address const & address, size_t size_of_store);
  62     /// Return the local storage for the given listening address/port.
  63     LocalContextStorage *getLocalStorage(Ip::Address const & address);
  64     /// When reconfigring should be called this method.
  65     void reconfigureStart();
  66 private:
  67     /// Called by getLocalStorage method
  68     void reconfigureFinish();
  69     bool reconfiguring; ///< True if system reconfiguring now.
  70     /// Storage used on configure or reconfigure.
  71     std::map<Ip::Address, size_t> configureStorage;
  72     /// Map for storing all local ip address and their local storages.
  73     std::map<Ip::Address, LocalContextStorage *> storage;
  74 };
  75
  76 /// Global cache for store all SSL server certificates.
  77 extern GlobalContextStorage TheGlobalContextStorage;
  78 } //namespace Ssl
  79 #endif // USE_OPENSSL
  80
  81 #endif // SQUID_SSL_CONTEXT_STORAGE_H
  82