Revamped LruMap implementation, adding support for value-specific TTLs,
value-specific memory consumption estimates, memory pooling for value
wrappers, and polishing code. Renamed the result to ClpMap.
Fixed memory leak of generated fake SSL certificates in Squids
configured with dynamic_cert_mem_cache_size=0 (the default is 4MB).
Controversially changed sslcrtvalidator_program cache and TTL defaults:
* After we started accounting for key lengths in validator cache
entries, the old 2048 bytes default size became not just ridiculously
small but insufficient to cache the vast majority of cache entries
because an entry key contains a PEM certificate sent to the validator
(among other validation parameters). A PEM certificate usually
consumes at least a few kilobytes. Living the old 2KB default would
essentially mean that we are disabling caching (by default).
* And if we fix one default, it makes sense to fix the other as well.
The old 60 second TTL default felt too conservative. Most certificate
invalidations last days, not seconds. We picked one hour because that
value is still fairly conservative, used as the default by several
other Squid caches, and should allow for decent cache hit ratio.
Dropped support for the undocumented "sslcrtvalidator_program ttl=-1"
hack that meant unlimited TTL. Large TTL values should be used instead.
TODO: The option parser should be revamped to reject too-large values.