[thirdparty/squid.git] / src / ssl / context_storage.cc

/*
 * Copyright (C) 1996-2020 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

#include "squid.h"
#include "base/PackableStream.h"
#include "mgr/Registration.h"
#include "ssl/context_storage.h"
#include "Store.h"

#include <limits>
#if USE_OPENSSL
#include "compat/openssl.h"
#if HAVE_OPENSSL_SSL_H
#include <openssl/ssl.h>
#endif
#endif

Ssl::CertificateStorageAction::CertificateStorageAction(const Mgr::Command::Pointer &aCmd)
    :   Mgr::Action(aCmd)
{}

Ssl::CertificateStorageAction::Pointer
Ssl::CertificateStorageAction::Create(const Mgr::Command::Pointer &aCmd)
{
    return new CertificateStorageAction(aCmd);
}

void Ssl::CertificateStorageAction::dump (StoreEntry *sentry)
{
    PackableStream stream(*sentry);
    const char delimiter = '\t';
    const char endString = '\n';
    // Page title.
    stream << "Cached ssl certificates statistic.\n";
    // Title of statistic table.
    stream << "Port" << delimiter << "Max mem(KB)" << delimiter << "Cert number" << delimiter << "KB/cert" << delimiter << "Mem used(KB)" << delimiter << "Mem free(KB)" << endString;

    // Add info for each port.
    for (std::map<Ip::Address, LocalContextStorage *>::iterator i = TheGlobalContextStorage.storage.begin(); i != TheGlobalContextStorage.storage.end(); ++i) {
        stream << i->first << delimiter;
        LocalContextStorage & ssl_store_policy(*(i->second));
        const auto memoryPerEntry = ssl_store_policy.entries() ?
                                    ssl_store_policy.memoryUsed() / ssl_store_policy.entries() : 0;
        stream << ssl_store_policy.memLimit() / 1024 << delimiter;
        stream << ssl_store_policy.entries() << delimiter;
        stream << memoryPerEntry / 1024 << delimiter;
        stream << ssl_store_policy.memoryUsed() / 1024 << delimiter;
        stream << ssl_store_policy.freeMem() / 1024 << endString;
    }
    stream << endString;
    stream.flush();
}

///////////////////////////////////////////////////////

Ssl::GlobalContextStorage::GlobalContextStorage()
    :   reconfiguring(true)
{
    RegisterAction("cached_ssl_cert", "Statistic of cached generated ssl certificates", &CertificateStorageAction::Create, 0, 1);
}

Ssl::GlobalContextStorage::~GlobalContextStorage()
{
    for (std::map<Ip::Address, LocalContextStorage *>::iterator i = storage.begin(); i != storage.end(); ++i) {
        delete i->second;
    }
}

void Ssl::GlobalContextStorage::addLocalStorage(Ip::Address const & address, size_t size_of_store)
{
    assert(reconfiguring);
    configureStorage.insert(std::pair<Ip::Address, size_t>(address, size_of_store));
}

Ssl::LocalContextStorage *Ssl::GlobalContextStorage::getLocalStorage(Ip::Address const & address)
{
    reconfigureFinish();
    std::map<Ip::Address, LocalContextStorage *>::iterator i = storage.find(address);

    if (i == storage.end())
        return NULL;
    else
        return i->second;
}

void Ssl::GlobalContextStorage::reconfigureStart()
{
    configureStorage.clear();
    reconfiguring = true;
}

void Ssl::GlobalContextStorage::reconfigureFinish()
{
    if (reconfiguring) {
        reconfiguring = false;

        // remove or change old local storages.
        for (std::map<Ip::Address, LocalContextStorage *>::iterator i = storage.begin(); i != storage.end();) {
            std::map<Ip::Address, size_t>::iterator conf_i = configureStorage.find(i->first);
            if (conf_i == configureStorage.end() || conf_i->second <= 0) {
                delete i->second;
                storage.erase(i++);
            } else {
                i->second->setMemLimit(conf_i->second);
                ++i;
            }
        }

        // add new local storages.
        for (std::map<Ip::Address, size_t>::iterator conf_i = configureStorage.begin(); conf_i != configureStorage.end(); ++conf_i ) {
            if (storage.find(conf_i->first) == storage.end() && conf_i->second > 0) {
                storage.insert(std::pair<Ip::Address, LocalContextStorage *>(conf_i->first, new LocalContextStorage(conf_i->second)));
            }
        }
    }
}

Ssl::GlobalContextStorage Ssl::TheGlobalContextStorage;
Commit	Line	Data
bbc27441	1	/*
77b1029d	2	* Copyright (C) 1996-2020 The Squid Software Foundation and contributors
bbc27441 AJ	3	*
	4	* Squid software is distributed under GPLv2+ license and includes
	5	* contributions from numerous individuals and organizations.
	6	* Please see the COPYING and CONTRIBUTORS files for details.
	7	*/
	8
f7f3304a	9	#include "squid.h"
7e10ac87	10	#include "base/PackableStream.h"
602d9612 A	11	#include "mgr/Registration.h"
602d9612 A	12	#include "ssl/context_storage.h"
95d2589c	13	#include "Store.h"
074d6a40	14
95d2589c	15	#include <limits>
24b30fdc EQ	16	#if USE_OPENSSL
24b30fdc EQ	17	#include "compat/openssl.h"
cb4f4424	18	#if HAVE_OPENSSL_SSL_H
a011edee FC	19	#include <openssl/ssl.h>
a011edee FC	20	#endif
24b30fdc	21	#endif
95d2589c	22
eb898410	23	Ssl::CertificateStorageAction::CertificateStorageAction(const Mgr::Command::Pointer &aCmd)
f53969cc	24	: Mgr::Action(aCmd)
95d2589c CT	25	{}
	26
	27	Ssl::CertificateStorageAction::Pointer
eb898410	28	Ssl::CertificateStorageAction::Create(const Mgr::Command::Pointer &aCmd)
95d2589c	29	{
eb898410	30	return new CertificateStorageAction(aCmd);
95d2589c CT	31	}
	32
	33	void Ssl::CertificateStorageAction::dump (StoreEntry *sentry)
	34	{
7e10ac87	35	PackableStream stream(*sentry);
95d2589c CT	36	const char delimiter = '\t';
	37	const char endString = '\n';
	38	// Page title.
	39	stream << "Cached ssl certificates statistic.\n";
	40	// Title of statistic table.
	41	stream << "Port" << delimiter << "Max mem(KB)" << delimiter << "Cert number" << delimiter << "KB/cert" << delimiter << "Mem used(KB)" << delimiter << "Mem free(KB)" << endString;
	42
	43	// Add info for each port.
d7ae3534	44	for (std::map<Ip::Address, LocalContextStorage *>::iterator i = TheGlobalContextStorage.storage.begin(); i != TheGlobalContextStorage.storage.end(); ++i) {
95d2589c CT	45	stream << i->first << delimiter;
95d2589c CT	46	LocalContextStorage & ssl_store_policy(*(i->second));
72247610	47	const auto memoryPerEntry = ssl_store_policy.entries() ?
70ac5b29	48	ssl_store_policy.memoryUsed() / ssl_store_policy.entries() : 0;
14798e73 CT	49	stream << ssl_store_policy.memLimit() / 1024 << delimiter;
14798e73 CT	50	stream << ssl_store_policy.entries() << delimiter;
72247610 AJ	51	stream << memoryPerEntry / 1024 << delimiter;
72247610 AJ	52	stream << ssl_store_policy.memoryUsed() / 1024 << delimiter;
14798e73	53	stream << ssl_store_policy.freeMem() / 1024 << endString;
95d2589c CT	54	}
	55	stream << endString;
	56	stream.flush();
	57	}
	58
95d2589c CT	59	///////////////////////////////////////////////////////
	60
	61	Ssl::GlobalContextStorage::GlobalContextStorage()
f53969cc	62	: reconfiguring(true)
95d2589c CT	63	{
	64	RegisterAction("cached_ssl_cert", "Statistic of cached generated ssl certificates", &CertificateStorageAction::Create, 0, 1);
	65	}
	66
	67	Ssl::GlobalContextStorage::~GlobalContextStorage()
	68	{
d7ae3534	69	for (std::map<Ip::Address, LocalContextStorage *>::iterator i = storage.begin(); i != storage.end(); ++i) {
95d2589c CT	70	delete i->second;
	71	}
	72	}
	73
	74	void Ssl::GlobalContextStorage::addLocalStorage(Ip::Address const & address, size_t size_of_store)
	75	{
	76	assert(reconfiguring);
	77	configureStorage.insert(std::pair<Ip::Address, size_t>(address, size_of_store));
	78	}
	79
9873e378	80	Ssl::LocalContextStorage *Ssl::GlobalContextStorage::getLocalStorage(Ip::Address const & address)
95d2589c CT	81	{
	82	reconfigureFinish();
	83	std::map<Ip::Address, LocalContextStorage *>::iterator i = storage.find(address);
9873e378 CT	84
	85	if (i == storage.end())
	86	return NULL;
	87	else
	88	return i->second;
95d2589c CT	89	}
	90
	91	void Ssl::GlobalContextStorage::reconfigureStart()
	92	{
9873e378	93	configureStorage.clear();
95d2589c CT	94	reconfiguring = true;
	95	}
	96
	97	void Ssl::GlobalContextStorage::reconfigureFinish()
	98	{
	99	if (reconfiguring) {
	100	reconfiguring = false;
	101
	102	// remove or change old local storages.
b02a2ff8	103	for (std::map<Ip::Address, LocalContextStorage *>::iterator i = storage.begin(); i != storage.end();) {
95d2589c	104	std::map<Ip::Address, size_t>::iterator conf_i = configureStorage.find(i->first);
9873e378	105	if (conf_i == configureStorage.end() \|\| conf_i->second <= 0) {
ea886ed6	106	delete i->second;
b02a2ff8	107	storage.erase(i++);
95d2589c	108	} else {
14798e73	109	i->second->setMemLimit(conf_i->second);
b02a2ff8	110	++i;
95d2589c CT	111	}
	112	}
	113
	114	// add new local storages.
a38ec4b1	115	for (std::map<Ip::Address, size_t>::iterator conf_i = configureStorage.begin(); conf_i != configureStorage.end(); ++conf_i ) {
9873e378	116	if (storage.find(conf_i->first) == storage.end() && conf_i->second > 0) {
72247610	117	storage.insert(std::pair<Ip::Address, LocalContextStorage *>(conf_i->first, new LocalContextStorage(conf_i->second)));
95d2589c CT	118	}
	119	}
	120	}
	121	}
	122
	123	Ssl::GlobalContextStorage Ssl::TheGlobalContextStorage;
f53969cc	124