Renamed squid.h to squid-old.h and config.h to squid.h
1 /*
2 * 2008/11/14
3 */
4
5 #include "squid.h"
6 #include "ProtoPort.h"
7 #include "ssl/Config.h"
8 #include "ssl/helper.h"
9 #include "SquidTime.h"
10 #include "SwapDir.h"
11
/// Accessor for the process-wide ssl_crtd helper manager.
/// The object is a function-local static, so every call returns the
/// address of the same Ssl::Helper.
Ssl::Helper * Ssl::Helper::GetInstance()
{
    static Ssl::Helper theInstance;
    return &theInstance;
}
17
/// Constructs the manager without starting anything; Init() does the work.
// NOTE(review): ssl_crtd is read by Init() and Shutdown() but is not
// assigned here. The instance handed out by GetInstance() has static
// storage and therefore starts zeroed; any other instance would
// presumably start with an indeterminate ssl_crtd, which the destructor
// would then pass to Shutdown() -- confirm in ssl/helper.h that no other
// instance can be created.
Ssl::Helper::Helper() {}
21
/// Tears the helper down on destruction by delegating to Shutdown(),
/// which is a no-op when no helper was ever started.
Ssl::Helper::~Helper()
{
    this->Shutdown();
}
26
/// Creates and starts the ssl_crtd helper, but only when at least one
/// configured http port has sslBump set. Must not be called while a
/// helper already exists (asserted).
void Ssl::Helper::Init()
{
    assert(ssl_crtd == NULL);

    // Walk the port list until the first SslBump-enabled port; when there
    // is none, no certificate generator is needed and nothing is started.
    http_port_list *port = ::Config.Sockaddr.http;
    while (port && !port->sslBump)
        port = port->next;
    if (!port)
        return;

    ssl_crtd = new helper("ssl_crtd");
    ssl_crtd->childs.updateLimits(Ssl::TheConfig.ssl_crtdChildren);
    ssl_crtd->ipc_type = IPC_STREAM;
    // crtd messages may themselves contain '\n', so '\1' is used as the
    // end-of-message marker instead.
    ssl_crtd->eom = '\1';
    assert(ssl_crtd->cmdline == NULL);

    // Build the helper command line word by word from the configured
    // ssl_crtd string.
    // NOTE(review): presumably this string comes from squid.conf and is
    // administrator-controlled -- confirm nothing request-derived can
    // reach it, since these words become the helper's command line.
    char *cursor = xstrdup(Ssl::TheConfig.ssl_crtd);
    char *lineCopy = cursor; // strwordtok() advances cursor; keep the start for freeing
    bool expectDbPath = false;
    bool sawBlockSizeOption = false;
    char blockSizeText[20] = "2048"; // used for "-b" when no "-s <path>" word is seen

    for (char *word = strwordtok(NULL, &cursor); word; word = strwordtok(NULL, &cursor)) {
        wordlistAdd(&ssl_crtd->cmdline, word);

        if (strcmp(word, "-b") == 0)
            sawBlockSizeOption = true;

        if (strcmp(word, "-s") == 0) {
            expectDbPath = true;
        } else if (expectDbPath) {
            // The word after "-s" is treated as the database path; its
            // filesystem block size becomes the "-b" value.
            // NOTE(review): the result of storeDirGetBlkSize() is not
            // checked; if it can fail without writing the out-parameter,
            // "0" is what gets passed -- confirm.
            expectDbPath = false;
            int fsBlockSize = 0;
            storeDirGetBlkSize(word, &fsBlockSize);
            snprintf(blockSizeText, sizeof(blockSizeText), "%i", fsBlockSize);
        }
    }

    // An explicit "-b" in the configuration wins; otherwise append one.
    if (!sawBlockSizeOption) {
        wordlistAdd(&ssl_crtd->cmdline, "-b");
        wordlistAdd(&ssl_crtd->cmdline, blockSizeText);
    }
    safe_free(lineCopy);

    helperOpenServers(ssl_crtd);
}
77
/// Stops the ssl_crtd helper and releases everything Init() allocated.
/// Does nothing when no helper exists, so repeated calls are harmless.
void Ssl::Helper::Shutdown()
{
    if (ssl_crtd != NULL) {
        helperShutdown(ssl_crtd);
        wordlistDestroy(&ssl_crtd->cmdline);
        delete ssl_crtd;
        // Reset so a later Init() passes its assert(ssl_crtd == NULL) and a
        // second Shutdown() (e.g. from the destructor) returns early.
        ssl_crtd = NULL;
    }
}
87
/// Queues a crtd request for the ssl_crtd helper, or rejects it when the
/// helper queue is overloaded.
///
/// @param message   request to send; its composed form plus '\n' is submitted
/// @param callback  invoked with the helper reply, or immediately with an
///                  "error 45" reply when the request is rejected
/// @param data      opaque pointer handed back to @p callback
///
/// Requires a started helper (asserted), i.e. Init() must have created one.
void Ssl::Helper::sslSubmit(CrtdMessage const & message, HLPCB * callback, void * data)
{
    // Start of the current uninterrupted overload period; 0 means "not overloaded".
    static time_t overloadSince = 0;
    assert(ssl_crtd);

    // Overload threshold: twice the number of running helper children.
    // With zero running children the limit is 0, so every request is rejected.
    const int queueLimit = (int)(ssl_crtd->childs.n_running * 2);

    if (!(ssl_crtd->stats.queue_size >= queueLimit)) {
        overloadSince = 0;
        std::string line = message.compose();
        line += '\n';
        helperSubmit(ssl_crtd, line.c_str(), callback, data);
        return;
    }

    if (overloadSince == 0)
        overloadSince = squid_curtime;

    // Availability note: the timer is cleared only by a successful submit,
    // so three minutes of continuous overload ends in fatal() -- a stalled
    // or slow ssl_crtd takes the whole process down, not just bumped traffic.
    if (squid_curtime - overloadSince > 3 * 60)
        fatal("SSL servers not responding for 3 minutes");

    debugs(34, 1, HERE << "Queue overload, rejecting");
    // The cast drops const from a string literal to fit the callback's
    // char* parameter. NOTE(review): callbacks must treat this buffer as
    // read-only -- confirm none of them writes into it.
    callback(data, (char *)"error 45 Temporary network problem, please retry later");
}