[thirdparty/squid.git] / src / ssl / context_storage.cc

/*
 * Copyright (C) 1996-2020 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

#include "squid.h"
#include "base/PackableStream.h"
#include "mgr/Registration.h"
#include "ssl/context_storage.h"
#include "Store.h"

#include <limits>
#if USE_OPENSSL
#include "compat/openssl.h"
#if HAVE_OPENSSL_SSL_H
#include <openssl/ssl.h>
#endif
#endif

Ssl::CertificateStorageAction::CertificateStorageAction(const Mgr::Command::Pointer &aCmd)
    :   Mgr::Action(aCmd)
{}

Ssl::CertificateStorageAction::Pointer
Ssl::CertificateStorageAction::Create(const Mgr::Command::Pointer &aCmd)
{
    return new CertificateStorageAction(aCmd);
}

void Ssl::CertificateStorageAction::dump (StoreEntry *sentry)
{
    PackableStream stream(*sentry);
    const char delimiter = '\t';
    const char endString = '\n';
    // Page title.
    stream << "Cached ssl certificates statistic.\n";
    // Title of statistic table.
    stream << "Port" << delimiter << "Max mem(KB)" << delimiter << "Cert number" << delimiter << "KB/cert" << delimiter << "Mem used(KB)" << delimiter << "Mem free(KB)" << endString;

    // Add info for each port.
    for (std::map<Ip::Address, LocalContextStorage *>::iterator i = TheGlobalContextStorage.storage.begin(); i != TheGlobalContextStorage.storage.end(); ++i) {
        stream << i->first << delimiter;
        LocalContextStorage & ssl_store_policy(*(i->second));
        stream << ssl_store_policy.memLimit() / 1024 << delimiter;
        stream << ssl_store_policy.entries() << delimiter;
        stream << SSL_CTX_SIZE / 1024 << delimiter;
        stream << ssl_store_policy.size() / 1024 << delimiter;
        stream << ssl_store_policy.freeMem() / 1024 << endString;
    }
    stream << endString;
    stream.flush();
}

///////////////////////////////////////////////////////

Ssl::GlobalContextStorage::GlobalContextStorage()
    :   reconfiguring(true)
{
    RegisterAction("cached_ssl_cert", "Statistic of cached generated ssl certificates", &CertificateStorageAction::Create, 0, 1);
}

Ssl::GlobalContextStorage::~GlobalContextStorage()
{
    for (std::map<Ip::Address, LocalContextStorage *>::iterator i = storage.begin(); i != storage.end(); ++i) {
        delete i->second;
    }
}

void Ssl::GlobalContextStorage::addLocalStorage(Ip::Address const & address, size_t size_of_store)
{
    assert(reconfiguring);
    configureStorage.insert(std::pair<Ip::Address, size_t>(address, size_of_store));
}

Ssl::LocalContextStorage *Ssl::GlobalContextStorage::getLocalStorage(Ip::Address const & address)
{
    reconfigureFinish();
    std::map<Ip::Address, LocalContextStorage *>::iterator i = storage.find(address);

    if (i == storage.end())
        return NULL;
    else
        return i->second;
}

void Ssl::GlobalContextStorage::reconfigureStart()
{
    configureStorage.clear();
    reconfiguring = true;
}

void Ssl::GlobalContextStorage::reconfigureFinish()
{
    if (reconfiguring) {
        reconfiguring = false;

        // remove or change old local storages.
        for (std::map<Ip::Address, LocalContextStorage *>::iterator i = storage.begin(); i != storage.end();) {
            std::map<Ip::Address, size_t>::iterator conf_i = configureStorage.find(i->first);
            if (conf_i == configureStorage.end() || conf_i->second <= 0) {
                delete i->second;
                storage.erase(i++);
            } else {
                i->second->setMemLimit(conf_i->second);
                ++i;
            }
        }

        // add new local storages.
        for (std::map<Ip::Address, size_t>::iterator conf_i = configureStorage.begin(); conf_i != configureStorage.end(); ++conf_i ) {
            if (storage.find(conf_i->first) == storage.end() && conf_i->second > 0) {
                storage.insert(std::pair<Ip::Address, LocalContextStorage *>(conf_i->first, new LocalContextStorage(-1, conf_i->second)));
            }
        }
    }
}

Ssl::GlobalContextStorage Ssl::TheGlobalContextStorage;
Commit	Line	Data
bbc27441	1	/*
77b1029d	2	* Copyright (C) 1996-2020 The Squid Software Foundation and contributors
bbc27441 AJ	3	*
	4	* Squid software is distributed under GPLv2+ license and includes
	5	* contributions from numerous individuals and organizations.
	6	* Please see the COPYING and CONTRIBUTORS files for details.
	7	*/
	8
f7f3304a	9	#include "squid.h"
7e10ac87	10	#include "base/PackableStream.h"
602d9612 A	11	#include "mgr/Registration.h"
602d9612 A	12	#include "ssl/context_storage.h"
95d2589c	13	#include "Store.h"
074d6a40	14
95d2589c	15	#include <limits>
24b30fdc EQ	16	#if USE_OPENSSL
24b30fdc EQ	17	#include "compat/openssl.h"
cb4f4424	18	#if HAVE_OPENSSL_SSL_H
a011edee FC	19	#include <openssl/ssl.h>
a011edee FC	20	#endif
24b30fdc	21	#endif
95d2589c	22
eb898410	23	Ssl::CertificateStorageAction::CertificateStorageAction(const Mgr::Command::Pointer &aCmd)
f53969cc	24	: Mgr::Action(aCmd)
95d2589c CT	25	{}
	26
	27	Ssl::CertificateStorageAction::Pointer
eb898410	28	Ssl::CertificateStorageAction::Create(const Mgr::Command::Pointer &aCmd)
95d2589c	29	{
eb898410	30	return new CertificateStorageAction(aCmd);
95d2589c CT	31	}
	32
	33	void Ssl::CertificateStorageAction::dump (StoreEntry *sentry)
	34	{
7e10ac87	35	PackableStream stream(*sentry);
95d2589c CT	36	const char delimiter = '\t';
	37	const char endString = '\n';
	38	// Page title.
	39	stream << "Cached ssl certificates statistic.\n";
	40	// Title of statistic table.
	41	stream << "Port" << delimiter << "Max mem(KB)" << delimiter << "Cert number" << delimiter << "KB/cert" << delimiter << "Mem used(KB)" << delimiter << "Mem free(KB)" << endString;
	42
	43	// Add info for each port.
d7ae3534	44	for (std::map<Ip::Address, LocalContextStorage *>::iterator i = TheGlobalContextStorage.storage.begin(); i != TheGlobalContextStorage.storage.end(); ++i) {
95d2589c CT	45	stream << i->first << delimiter;
95d2589c CT	46	LocalContextStorage & ssl_store_policy(*(i->second));
14798e73 CT	47	stream << ssl_store_policy.memLimit() / 1024 << delimiter;
14798e73 CT	48	stream << ssl_store_policy.entries() << delimiter;
95d2589c	49	stream << SSL_CTX_SIZE / 1024 << delimiter;
14798e73 CT	50	stream << ssl_store_policy.size() / 1024 << delimiter;
14798e73 CT	51	stream << ssl_store_policy.freeMem() / 1024 << endString;
95d2589c CT	52	}
	53	stream << endString;
	54	stream.flush();
	55	}
	56
95d2589c CT	57	///////////////////////////////////////////////////////
	58
	59	Ssl::GlobalContextStorage::GlobalContextStorage()
f53969cc	60	: reconfiguring(true)
95d2589c CT	61	{
	62	RegisterAction("cached_ssl_cert", "Statistic of cached generated ssl certificates", &CertificateStorageAction::Create, 0, 1);
	63	}
	64
	65	Ssl::GlobalContextStorage::~GlobalContextStorage()
	66	{
d7ae3534	67	for (std::map<Ip::Address, LocalContextStorage *>::iterator i = storage.begin(); i != storage.end(); ++i) {
95d2589c CT	68	delete i->second;
	69	}
	70	}
	71
	72	void Ssl::GlobalContextStorage::addLocalStorage(Ip::Address const & address, size_t size_of_store)
	73	{
	74	assert(reconfiguring);
	75	configureStorage.insert(std::pair<Ip::Address, size_t>(address, size_of_store));
	76	}
	77
9873e378	78	Ssl::LocalContextStorage *Ssl::GlobalContextStorage::getLocalStorage(Ip::Address const & address)
95d2589c CT	79	{
	80	reconfigureFinish();
	81	std::map<Ip::Address, LocalContextStorage *>::iterator i = storage.find(address);
9873e378 CT	82
	83	if (i == storage.end())
	84	return NULL;
	85	else
	86	return i->second;
95d2589c CT	87	}
	88
	89	void Ssl::GlobalContextStorage::reconfigureStart()
	90	{
9873e378	91	configureStorage.clear();
95d2589c CT	92	reconfiguring = true;
	93	}
	94
	95	void Ssl::GlobalContextStorage::reconfigureFinish()
	96	{
	97	if (reconfiguring) {
	98	reconfiguring = false;
	99
	100	// remove or change old local storages.
b02a2ff8	101	for (std::map<Ip::Address, LocalContextStorage *>::iterator i = storage.begin(); i != storage.end();) {
95d2589c	102	std::map<Ip::Address, size_t>::iterator conf_i = configureStorage.find(i->first);
9873e378	103	if (conf_i == configureStorage.end() \|\| conf_i->second <= 0) {
ea886ed6	104	delete i->second;
b02a2ff8	105	storage.erase(i++);
95d2589c	106	} else {
14798e73	107	i->second->setMemLimit(conf_i->second);
b02a2ff8	108	++i;
95d2589c CT	109	}
	110	}
	111
	112	// add new local storages.
a38ec4b1	113	for (std::map<Ip::Address, size_t>::iterator conf_i = configureStorage.begin(); conf_i != configureStorage.end(); ++conf_i ) {
9873e378	114	if (storage.find(conf_i->first) == storage.end() && conf_i->second > 0) {
14798e73	115	storage.insert(std::pair<Ip::Address, LocalContextStorage *>(conf_i->first, new LocalContextStorage(-1, conf_i->second)));
95d2589c CT	116	}
	117	}
	118	}
	119	}
	120
	121	Ssl::GlobalContextStorage Ssl::TheGlobalContextStorage;
f53969cc	122