Commit | Line | Data |
---|---|---|
95d2589c CT |
1 | /* |
2 | * 2008/11/14 | |
3 | */ | |
4 | ||
f7f3304a | 5 | #include "squid.h" |
18f37f42 | 6 | #include "anyp/PortCfg.h" |
1bc8a1b7 | 7 | #include "protos.h" |
95d2589c CT |
8 | #include "ssl/Config.h" |
9 | #include "ssl/helper.h" | |
10 | #include "SquidTime.h" | |
11 | #include "SwapDir.h" | |
12 | ||
/// Returns the single Ssl::Helper object used by the process.
/// The object is a function-local static, so every call yields the same
/// address and the caller must not delete it.
Ssl::Helper *
Ssl::Helper::GetInstance()
{
    static Ssl::Helper theInstance;
    Ssl::Helper *const instance = &theInstance;
    return instance;
}
18 | ||
/// Constructs the helper manager; the body does no work.
// NOTE(review): ssl_crtd is not set here, although Init() asserts that it is
// NULL and Shutdown() tests it before deleting. That holds for the
// zero-initialized static returned by GetInstance(); confirm that no other
// instance is ever created, or that the class declaration initializes it.
Ssl::Helper::Helper() {}
22 | ||
/// Stops the ssl_crtd helper on destruction by delegating to Shutdown().
Ssl::Helper::~Helper()
{
    this->Shutdown();
}
27 | ||
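/// Starts the ssl_crtd helper if at least one configured port bumps SSL.
///
/// Builds the helper command line from Ssl::TheConfig.ssl_crtd, appends a
/// "-b <block size>" pair when the configured command has no "-b" of its own,
/// and then opens the helper servers. Returns without creating the helper
/// when no http or https port has sslBump set.
void Ssl::Helper::Init()
{
    assert(ssl_crtd == NULL);

    // we need to start ssl_crtd only if some port(s) need to bump SSL
    bool found = false;
    for (AnyP::PortCfg *s = ::Config.Sockaddr.http; !found && s; s = s->next)
        found = s->sslBump;
    for (AnyP::PortCfg *s = ::Config.Sockaddr.https; !found && s; s = s->next)
        found = s->sslBump;
    if (!found)
        return;

    ssl_crtd = new helper("ssl_crtd");
    ssl_crtd->childs.updateLimits(Ssl::TheConfig.ssl_crtdChildren);
    ssl_crtd->ipc_type = IPC_STREAM;
    // The crtd messages may contain the eol ('\n') character. We are
    // going to use the '\1' char as the end-of-message mark.
    ssl_crtd->eom = '\1';
    assert(ssl_crtd->cmdline == NULL);
    {
        // tmp is handed to strwordtok() by address, so the start of the
        // duplicated string is kept separately for safe_free() below.
        char *tmp = xstrdup(Ssl::TheConfig.ssl_crtd);
        char *tmp_begin = tmp;
        char * token = NULL;
        bool db_path_was_found = false;
        bool block_size_was_found = false;
        // Block size passed with "-b" when the configuration gives none.
        char buffer[20] = "2048";
        while ((token = strwordtok(NULL, &tmp))) {
            // Every configured word is forwarded to the helper unchanged.
            wordlistAdd(&ssl_crtd->cmdline, token);
            if (!strcmp(token, "-b"))
                block_size_was_found = true;
            if (!strcmp(token, "-s")) {
                db_path_was_found = true;
            } else if (db_path_was_found) {
                // The word after "-s" is treated as the database path and
                // used to look up a block size for it.
                // NOTE(review): presumably this is the directory where ssl_crtd
                // keeps generated certificates; confirm that its permissions
                // restrict it to the Squid user.
                db_path_was_found = false;
                int fs_block_size = 0;
                storeDirGetBlkSize(token, &fs_block_size);
                // The call's result is not checked, so only replace the
                // default when it produced a positive size; this keeps
                // "-b 0" or a negative value off the helper command line.
                if (fs_block_size > 0)
                    snprintf(buffer, sizeof(buffer), "%i", fs_block_size);
            }
        }
        if (!block_size_was_found) {
            wordlistAdd(&ssl_crtd->cmdline, "-b");
            wordlistAdd(&ssl_crtd->cmdline, buffer);
        }
        safe_free(tmp_begin);
    }
    helperOpenServers(ssl_crtd);
}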
76 | ||
/// Shuts the ssl_crtd helper down and releases it.
/// Does nothing when no helper was started.
void Ssl::Helper::Shutdown()
{
    if (ssl_crtd != NULL) {
        helperShutdown(ssl_crtd);
        wordlistDestroy(&ssl_crtd->cmdline);
        delete ssl_crtd;
        // Clear the pointer so that a repeated call (the destructor also
        // calls Shutdown()) takes the early exit instead of deleting twice.
        ssl_crtd = NULL;
    }
}
86 | ||
/// Hands a certificate request to the ssl_crtd helper.
///
/// When the helper queue already holds at least twice as many requests as
/// there are running children, the request is not queued: the callback is
/// invoked immediately with an "error 45" reply. If that overload has lasted
/// more than three minutes, fatal() is called instead.
///
/// @param message  request to send; its composed form gets a trailing '\n'
/// @param callback invoked with the helper reply, or with the overload error
/// @param data     opaque pointer passed through to the callback
void Ssl::Helper::sslSubmit(CrtdMessage const & message, HLPCB * callback, void * data)
{
    // Start time of the current overload episode; 0 means "not overloaded".
    static time_t overloadSince = 0;
    assert(ssl_crtd);

    // A queue_size of 0 already meets the limit when n_running is 0, so with
    // no running children every request takes the rejection path below.
    const bool overloaded =
        ssl_crtd->stats.queue_size >= static_cast<int>(ssl_crtd->childs.n_running * 2);

    if (!overloaded) {
        overloadSince = 0;
        std::string request = message.compose();
        request += '\n';
        helperSubmit(ssl_crtd, request.c_str(), callback, data);
        return;
    }

    if (overloadSince == 0) {
        overloadSince = squid_curtime;
    }
    // Availability note: a helper that stays overloaded for more than three
    // minutes ends in fatal() here, so stalled ssl_crtd children are worth
    // alerting on before that point.
    if (squid_curtime - overloadSince > 3 * 60) {
        fatal("SSL servers not responding for 3 minutes");
    }
    debugs(34, DBG_IMPORTANT, HERE << "Queue overload, rejecting");
    callback(data, (char *)"error 45 Temporary network problem, please retry later");
}