/*
- * $Id$
+ * Copyright (C) 1996-2020 The Squid Software Foundation and contributors
+ *
+ * Squid software is distributed under GPLv2+ license and includes
+ * contributions from numerous individuals and organizations.
+ * Please see the COPYING and CONTRIBUTORS files for details.
*/
#ifndef SQUID_SSL_CONTEXT_STORAGE_H
#define SQUID_SSL_CONTEXT_STORAGE_H
-#if USE_SSL
+#if USE_OPENSSL
-#include "SquidTime.h"
+#include "base/LruMap.h"
#include "CacheManager.h"
+#include "compat/openssl.h"
+#include "ip/Address.h"
#include "mgr/Action.h"
#include "mgr/Command.h"
-#if HAVE_MAP
-#include <map>
-#endif
-#if HAVE_LIST
+#include "security/forward.h"
+#include "SquidTime.h"
+#include "ssl/gadgets.h"
+
#include <list>
-#endif
+#include <map>
+#if HAVE_OPENSSL_SSL_H
#include <openssl/ssl.h>
+#endif
/// TODO: Replace on real size.
#define SSL_CTX_SIZE 1024
virtual bool aggregatable() const { return false; }
};
-/**
- * Memory cache for store generated SSL context. Enforces total size limits
- * using an LRU algorithm.
- */
-class LocalContextStorage
-{
- friend class CertificateStorageAction;
-public:
- /// Cache item is an (SSL_CTX, host name) tuple.
- class Item
- {
- public:
- Item(SSL_CTX * aSsl_ctx, std::string const & aName);
- ~Item();
- public:
- SSL_CTX * ssl_ctx; ///< The SSL context.
- std::string host_name; ///< The host name of the SSL context.
- };
-
- typedef std::list<Item *> Queue;
- typedef Queue::iterator QueueIterator;
-
- /// host_name:queue_item mapping for fast lookups by host name
- typedef std::map<std::string, QueueIterator> Map;
- typedef Map::iterator MapIterator;
- typedef std::pair<std::string, QueueIterator> MapPair;
-
- LocalContextStorage(size_t aMax_memory);
- ~LocalContextStorage();
- /// Set maximum memory size for this storage.
- void SetSize(size_t aMax_memory);
- /// Return a pointer to the added ssl_ctx or NULL if fails (eg. max cache size equal 0).
- SSL_CTX * add(char const * host_name, SSL_CTX * ssl_ctx);
- /// Find SSL_CTX in storage by host name. Lru queue will be updated.
- SSL_CTX * find(char const * host_name);
- void remove(char const * host_name); ///< Delete the SSL context by hostname
-
-private:
- void purgeOne(); ///< Delete oldest object.
- /// Delete object by iterator. It is used in deletePurge() and remove(...) methods.
- void deleteAt(MapIterator i);
-
- size_t max_memory; ///< Max cache size.
- size_t memory_used; ///< Used cache size.
- Map storage; ///< The hostnames/SSL_CTX * pairs
- Queue lru_queue; ///< LRU cache index
-};
+typedef LruMap<SBuf, Security::ContextPointer, SSL_CTX_SIZE> LocalContextStorage;
/// Class for storing/manipulating LocalContextStorage per local listening address/port.
class GlobalContextStorage
/// Create new SSL context storage for the local listening address/port.
void addLocalStorage(Ip::Address const & address, size_t size_of_store);
/// Return the local storage for the given listening address/port.
- LocalContextStorage & getLocalStorage(Ip::Address const & address);
+ LocalContextStorage *getLocalStorage(Ip::Address const & address);
/// When reconfigring should be called this method.
void reconfigureStart();
private:
/// Global cache for store all SSL server certificates.
extern GlobalContextStorage TheGlobalContextStorage;
} //namespace Ssl
-#endif // USE_SSL
+#endif // USE_OPENSSL
#endif // SQUID_SSL_CONTEXT_STORAGE_H
+
projects / thirdparty / squid.git / blobdiff