]> git.ipfire.org Git - thirdparty/squid.git/blob - src/ssl/helper.cc
Merged from trunk (r12098, v3.2.0.16+).
1 /*
2 * 2008/11/14
3 */
4
5 #include "squid.h"
6 #include "ProtoPort.h"
7 #include "ssl/Config.h"
8 #include "ssl/helper.h"
9 #include "SquidTime.h"
10 #include "SwapDir.h"
11
/// Returns the process-wide Ssl::Helper singleton.
/// The object is a function-local static: it is constructed on the first
/// call and the same address is returned on every later call.
Ssl::Helper * Ssl::Helper::GetInstance()
{
    static Ssl::Helper theInstance;
    Ssl::Helper * const instance = &theInstance;
    return instance;
}
17
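/// Constructs a helper manager with no ssl_crtd helper attached.
/// ssl_crtd is set to NULL explicitly: Init() asserts that it is NULL and
/// Shutdown(), which the destructor calls, deletes it when it is non-NULL,
/// so it must never hold an indeterminate value. The function-local static
/// in GetInstance() is zero-initialized anyway; the initializer covers any
/// instance with non-static storage.
/// NOTE(review): assumes ssl_crtd is a non-static data member declared in
/// ssl/helper.h, which is not visible here. Confirm.
Ssl::Helper::Helper() : ssl_crtd(NULL)
{
}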
21
/// Releases the ssl_crtd helper, if one was started, by delegating to
/// Shutdown(). Shutdown() returns immediately when no helper exists, so
/// destroying an object that was never initialized (or was already shut
/// down) does nothing.
Ssl::Helper::~Helper()
{
    this->Shutdown();
}
26
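/// Starts the ssl_crtd helper when at least one configured http or https
/// port has sslBump set; otherwise returns with ssl_crtd still NULL.
///
/// The helper command line is built from Ssl::TheConfig.ssl_crtd, split
/// into words with strwordtok(). If the configuration gives no "-b" option,
/// "-b <block size>" is appended. The size comes from storeDirGetBlkSize()
/// on the word that follows "-s", and defaults to "2048".
///
/// Must not be called while a helper is already attached (asserted).
void Ssl::Helper::Init()
{
    assert(ssl_crtd == NULL);

    // Nothing to start unless some listening port has sslBump set.
    bool found = false;
    for (http_port_list *s = ::Config.Sockaddr.http; s && !found; s = s->next)
        found = s->sslBump;
    for (http_port_list *s = ::Config.Sockaddr.https; s && !found; s = s->next)
        found = s->sslBump;
    if (!found)
        return;

    ssl_crtd = new helper("ssl_crtd");
    ssl_crtd->childs.updateLimits(Ssl::TheConfig.ssl_crtdChildren);
    ssl_crtd->ipc_type = IPC_STREAM;
    // The crtd messages may contain the eol ('\n') character. We are
    // going to use the '\1' char as the end-of-message mark.
    // NOTE(review): a '\1' byte inside a message would presumably end it
    // early. Confirm the message format cannot carry that byte.
    ssl_crtd->eom = '\1';
    assert(ssl_crtd->cmdline == NULL);
    {
        // strwordtok() advances tmp, so keep the original pointer for freeing.
        char *tmp = xstrdup(Ssl::TheConfig.ssl_crtd);
        char *tmp_begin = tmp;
        char *token = NULL;
        bool db_path_was_found = false;   // true only for the word right after "-s"
        bool block_size_was_found = false;
        char buffer[20] = "2048";         // default value for the appended "-b"
        while ((token = strwordtok(NULL, &tmp))) {
            // Every configured word is passed through to the helper unchanged.
            wordlistAdd(&ssl_crtd->cmdline, token);
            if (!strcmp(token, "-b"))
                block_size_was_found = true;
            if (!strcmp(token, "-s")) {
                db_path_was_found = true;
            } else if (db_path_was_found) {
                db_path_was_found = false;
                int fs_block_size = 0;
                storeDirGetBlkSize(token, &fs_block_size);
                // The return value of storeDirGetBlkSize() is not checked and
                // its definition is not visible here. Keep the "2048" default
                // unless a positive size was reported, so the helper is never
                // handed "-b 0" or a negative size.
                if (fs_block_size > 0)
                    snprintf(buffer, sizeof(buffer), "%i", fs_block_size);
            }
        }
        if (!block_size_was_found) {
            wordlistAdd(&ssl_crtd->cmdline, "-b");
            wordlistAdd(&ssl_crtd->cmdline, buffer);
        }
        safe_free(tmp_begin);
    }
    helperOpenServers(ssl_crtd);
}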
74
/// Stops and frees the ssl_crtd helper if one is attached.
/// Shuts the helper down, destroys its command-line word list, deletes the
/// helper object and resets ssl_crtd to NULL, so a repeated call (including
/// the one made by the destructor) finds nothing left to release.
void Ssl::Helper::Shutdown()
{
    if (ssl_crtd) {
        helperShutdown(ssl_crtd);
        wordlistDestroy(&ssl_crtd->cmdline);
        delete ssl_crtd;
        // Clear the pointer so the helper cannot be freed twice.
        ssl_crtd = NULL;
    }
}
84
/// Queues a certificate request for the ssl_crtd helper, or rejects it
/// when the helper queue is overloaded.
///
/// @param message   request to send; its composed text plus a trailing
///                  '\n' is handed to helperSubmit()
/// @param callback  invoked with the helper reply, or immediately with an
///                  "error 45 ..." string when the request is rejected
/// @param data      opaque pointer passed back to the callback
///
/// Precondition: a helper is attached (asserted). Init() leaves ssl_crtd
/// NULL when no port has sslBump set, so callers must not submit then.
void Ssl::Helper::sslSubmit(CrtdMessage const & message, HLPCB * callback, void * data)
{
    // Start time of the current overload episode; 0 means "not overloaded".
    static time_t first_warn = 0;
    assert(ssl_crtd);

    // The queue counts as overloaded at two pending requests per running child.
    const bool overloaded =
        ssl_crtd->stats.queue_size >= static_cast<int>(ssl_crtd->childs.n_running * 2);

    if (!overloaded) {
        first_warn = 0;
        std::string request = message.compose();
        request += '\n';
        helperSubmit(ssl_crtd, request.c_str(), callback, data);
        return;
    }

    if (first_warn == 0)
        first_warn = squid_curtime;
    // Overload lasting more than three minutes terminates via fatal().
    if (squid_curtime - first_warn > 3 * 60)
        fatal("SSL servers not responding for 3 minutes");
    debugs(34, 1, HERE << "Queue overload, rejecting");
    // A string literal is passed through a non-const char pointer here, so
    // the callback must treat this buffer as read-only.
    callback(data, const_cast<char *>("error 45 Temporary network problem, please retry later"));
}