5 #ifndef SQUID_SSL_CONTEXT_STORAGE_H
6 #define SQUID_SSL_CONTEXT_STORAGE_H
10 #include "SquidTime.h"
11 #include "CacheManager.h"
12 #include "mgr/Action.h"
13 #include "mgr/Command.h"
20 #include <openssl/ssl.h>
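23 /// Placeholder estimate of the size of one SSL context, not a measured value.
/// TODO: Replace with the real size.
/// NOTE(review): if the storage's memory accounting uses this constant, max_memory limits are only approximate -- confirm in the implementation.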
24 #define SSL_CTX_SIZE 1024
29 /** Reports cached SSL certificate stats to Cache Manager.
30 * TODO: Use "Report" functions instead of a friend class.
32 class CertificateStorageAction
: public Mgr::Action
35 CertificateStorageAction(const Mgr::Command::Pointer
&cmd
);
36 static Pointer
Create(const Mgr::Command::Pointer
&cmd
);
37 virtual void dump (StoreEntry
*sentry
);
39 * We do not support aggregation of information across workers
40 * TODO: aggregate these stats
42 virtual bool aggregatable() const { return false; }
46 * In-memory cache for generated SSL contexts. Enforces total size limits
47 * using an LRU algorithm.
49 class LocalContextStorage
51 friend class CertificateStorageAction
;
53 /// Cache item is an (SSL_CTX, host name) tuple.
57 Item(SSL_CTX
* aSsl_ctx
, std::string
const & aName
);
60 SSL_CTX
* ssl_ctx
; ///< The SSL context.
61 std::string host_name
; ///< The host name of the SSL context.
64 typedef std::list
<Item
*> Queue
;
65 typedef Queue::iterator QueueIterator
;
67 /// host_name:queue_item mapping for fast lookups by host name
68 typedef std::map
<std::string
, QueueIterator
> Map
;
69 typedef Map::iterator MapIterator
;
70 typedef std::pair
<std::string
, QueueIterator
> MapPair
;
72 LocalContextStorage(size_t aMax_memory
);
73 ~LocalContextStorage();
74 /// Set maximum memory size for this storage.
75 void SetSize(size_t aMax_memory
);
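76 /// Returns a pointer to the added ssl_ctx, or NULL if adding fails (e.g. when the maximum cache size is 0).
/// NOTE(review): callers must check for NULL; who frees ssl_ctx on failure is not stated here -- confirm.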
77 SSL_CTX
* add(char const * host_name
, SSL_CTX
* ssl_ctx
);
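78 /// Find the SSL_CTX in storage by host name. The LRU queue is updated.
/// NOTE(review): the result is a raw pointer; confirm it is not used after a later purgeOne() or remove() deletes the entry.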
79 SSL_CTX
* find(char const * host_name
);
80 void remove(char const * host_name
); ///< Delete the SSL context by hostname
83 void purgeOne(); ///< Delete oldest object.
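84 /// Delete the object at the given iterator. Used by the deletePurge() and remove(...) methods.
/// NOTE(review): no deletePurge() is visible in this listing; purgeOne() may be meant -- confirm.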
85 void deleteAt(MapIterator i
);
87 size_t max_memory
; ///< Max cache size.
88 size_t memory_used
; ///< Used cache size.
89 Map storage
; ///< The hostnames/SSL_CTX * pairs
90 Queue lru_queue
; ///< LRU cache index
93 /// Class for storing/manipulating LocalContextStorage per local listening address/port.
94 class GlobalContextStorage
96 friend class CertificateStorageAction
;
98 GlobalContextStorage();
99 ~GlobalContextStorage();
100 /// Create new SSL context storage for the local listening address/port.
101 void addLocalStorage(Ip::Address
const & address
, size_t size_of_store
);
102 /// Return the local storage for the given listening address/port.
103 LocalContextStorage
& getLocalStorage(Ip::Address
const & address
);
104 /// This method should be called when reconfiguring.
105 void reconfigureStart();
107 /// Called by getLocalStorage method
108 void reconfigureFinish();
109 bool reconfiguring
; ///< True while the system is reconfiguring.
110 /// Storage used on configure or reconfigure.
111 std::map
<Ip::Address
, size_t> configureStorage
;
112 /// Map storing all local IP addresses and their local storages.
113 std::map
<Ip::Address
, LocalContextStorage
*> storage
;
116 /// Global cache storing all SSL server certificates.
117 extern GlobalContextStorage TheGlobalContextStorage
;
121 #endif // SQUID_SSL_CONTEXT_STORAGE_H