1 /*
2 * Copyright (C) 1996-2020 The Squid Software Foundation and contributors
3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7 */
8
9 #ifndef SQUID_SSL_CONTEXT_STORAGE_H
10 #define SQUID_SSL_CONTEXT_STORAGE_H
11
12 #if USE_OPENSSL
13
14 #include "base/LruMap.h"
15 #include "CacheManager.h"
16 #include "compat/openssl.h"
17 #include "ip/Address.h"
18 #include "mgr/Action.h"
19 #include "mgr/Command.h"
20 #include "security/forward.h"
21 #include "SquidTime.h"
22 #include "ssl/gadgets.h"
23
24 #include <list>
25 #include <map>
26 #if HAVE_OPENSSL_SSL_H
27 #include <openssl/ssl.h>
28 #endif
29
30 /// TODO: Replace with the real size; 1024 is a placeholder, not a measured SSL_CTX size.
31 #define SSL_CTX_SIZE 1024
32
33 namespace Ssl
34 {
35
/**
 * Cache Manager action that reports statistics about the cached SSL
 * certificates.
 * TODO: Use "Report" functions instead of a friend class.
 */
class CertificateStorageAction : public Mgr::Action
{
public:
    /// Builds the action for the given Cache Manager command.
    CertificateStorageAction(const Mgr::Command::Pointer &cmd);

    /// Creates an action object for the given Cache Manager command.
    static Pointer Create(const Mgr::Command::Pointer &cmd);

    /// Produces the report for this action.
    /// NOTE(review): presumably written into sentry -- confirm in the .cc file.
    virtual void dump(StoreEntry *sentry);

    /**
     * Aggregation of this information across workers is not supported,
     * so each report covers one worker only.
     * TODO: aggregate these stats
     */
    virtual bool aggregatable() const { return false; }
};
51
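/// LRU map of Security::ContextPointer entries, instantiated with SBuf as the
/// first template argument (presumably the lookup key -- confirm in LruMap.h).
/// NOTE(review): SSL_CTX_SIZE is a placeholder (see its TODO), so any memory
/// budget LruMap derives from it is only approximate -- confirm in LruMap.h.
typedef LruMap<SBuf, Security::ContextPointer, SSL_CTX_SIZE> LocalContextStorage;

/// Class for storing/manipulating LocalContextStorage per local listening address/port.
class GlobalContextStorage
{
    friend class CertificateStorageAction;
public:
    GlobalContextStorage();
    ~GlobalContextStorage();

    /// Create new SSL context storage for the local listening address/port.
    /// \param address the local listening address/port the storage belongs to
    /// \param size_of_store the size of the new storage
    ///        (NOTE(review): units are not visible in this header -- confirm)
    void addLocalStorage(Ip::Address const & address, size_t size_of_store);

    /// Return the local storage for the given listening address/port.
    /// The returned pointer is a raw pointer into this object's map.
    /// NOTE(review): reconfigureFinish() is documented as being called by this
    /// method, so a pointer obtained before a reconfiguration should
    /// presumably not be kept across it -- confirm in the .cc file.
    LocalContextStorage *getLocalStorage(Ip::Address const & address);

    /// This method should be called when reconfiguring starts.
    void reconfigureStart();

private:
    // Not copyable: declared but intentionally left undefined. A copy would
    // duplicate the raw LocalContextStorage pointers held in `storage`; if the
    // destructor frees them (its body is not visible in this header), two
    // copies would free the same storages.
    GlobalContextStorage(const GlobalContextStorage &);
    GlobalContextStorage &operator=(const GlobalContextStorage &);

    /// Called by getLocalStorage method
    void reconfigureFinish();

    bool reconfiguring; ///< True if system reconfiguring now.

    /// Storage used on configure or reconfigure.
    std::map<Ip::Address, size_t> configureStorage;

    /// Map for storing all local ip address and their local storages.
    std::map<Ip::Address, LocalContextStorage *> storage;
};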
76
77 /// Global cache for storing all SSL server certificates.
78 extern GlobalContextStorage TheGlobalContextStorage;
79 } //namespace Ssl
80 #endif // USE_OPENSSL
81
82 #endif // SQUID_SSL_CONTEXT_STORAGE_H
83