]>
git.ipfire.org Git - thirdparty/squid.git/blob - src/security/Session.cc
2 * Copyright (C) 1996-2016 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
10 #include "anyp/PortCfg.h"
11 #include "base/RunnersRegistry.h"
12 #include "ipc/MemMap.h"
13 #include "security/Session.h"
14 #include "SquidConfig.h"
16 #define SSL_SESSION_ID_SIZE 32
17 #define SSL_SESSION_MAX_SIZE 10*1024
22 for (AnyP::PortCfgPointer s
= HttpPortList
; s
!= nullptr; s
= s
->next
) {
23 if (s
->secure
.encryptTransport
)
25 if (s
->flags
.tunnelSslBumping
)
33 initializeSessionCache()
36 // Check if the MemMap keys and data are enough big to hold
37 // session ids and session data
38 assert(SSL_SESSION_ID_SIZE
>= MEMMAP_SLOT_KEY_SIZE
);
39 assert(SSL_SESSION_MAX_SIZE
>= MEMMAP_SLOT_DATA_SIZE
);
41 int configuredItems
= ::Config
.SSL
.sessionCacheSize
/ sizeof(Ipc::MemMap::Slot
);
42 if (IamWorkerProcess() && configuredItems
)
43 Ssl::SessionCache
= new Ipc::MemMap(Ssl::SessionCacheName
);
45 Ssl::SessionCache
= nullptr;
49 for (AnyP::PortCfgPointer s
= HttpPortList
; s
!= nullptr; s
= s
->next
) {
50 if (s
->secure
.staticContext
.get())
51 Ssl::SetSessionCallbacks(s
->secure
.staticContext
.get());
56 /// initializes shared memory segments used by MemStore
57 class SharedSessionCacheRr
: public Ipc::Mem::RegisteredRunner
60 /* RegisteredRunner API */
61 SharedSessionCacheRr(): owner(nullptr) {}
62 virtual void useConfig();
63 virtual ~SharedSessionCacheRr();
66 virtual void create();
69 Ipc::MemMap::Owner
*owner
;
72 RunnerRegistrationEntry(SharedSessionCacheRr
);
75 SharedSessionCacheRr::useConfig()
77 #if USE_OPENSSL // while Ssl:: bits in use
78 if (Ssl::SessionCache
|| !isTlsServer()) //no need to configure ssl session cache.
81 Ipc::Mem::RegisteredRunner::useConfig();
82 initializeSessionCache();
87 SharedSessionCacheRr::create()
89 if (!isTlsServer()) //no need to configure ssl session cache.
92 #if USE_OPENSSL // while Ssl:: bits in use
93 if (int items
= Config
.SSL
.sessionCacheSize
/ sizeof(Ipc::MemMap::Slot
))
94 owner
= Ipc::MemMap::Init(Ssl::SessionCacheName
, items
);
98 SharedSessionCacheRr::~SharedSessionCacheRr()
100 // XXX: Enable after testing to reduce at-exit memory "leaks".
101 // delete Ssl::SessionCache;