gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

#64 key keeper增加evdnsbase参数。

Browse Source 
避免创建大量dnsbase,耗尽fd。ssl stream/tcp stream/proxy也做了相应修改。
This commit is contained in:
zhengchao
2018-11-26 14:54:20 +08:00
parent 35c2559f8a
commit ce9d7fa5eb
13 changed files with 82 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
platform/src/key_keeper.cpp
View File

@@ -43,6 +43,8 @@ struct key_keeper
X509* untrusted_ca_cert;
EVP_PKEY* untrusted_ca_key;
unsigned int no_cache;
struct key_keeper_stat stat;
};
@@ -601,7 +603,7 @@ char* url_escape(char* url)
return _url;
}
void key_keeper_async_ask(struct future * f, struct key_keeper * keeper, const char* sni, int keyring_id, X509 * origin_cert, int is_cert_valid, struct event_base * evbase)
void key_keeper_async_ask(struct future * f, struct key_keeper * keeper, const char* sni, int keyring_id, X509 * origin_cert, int is_cert_valid, struct event_base * evbase, struct evdns_base* dnsbase)
{
struct promise* p = future_to_promise(f);
unsigned int len = 0;
@@ -618,12 +620,14 @@ void key_keeper_async_ask(struct future * f, struct key_keeper * keeper, const c
ctx->key_len = len;
promise_set_ctx(p, (void*)ctx, key_keeper_promise_free_ctx);
long int cb_rtn = 0;
keeper->stat.ask_times++;
if(!keeper->no_cache)
{
MESA_htable_search_cb(keeper->cert_cache, (const unsigned char*)(ctx->key), ctx->key_len, keyring_local_cache_query_cb, p, &cb_rtn);
if(cb_rtn == KEYRING_EXSITED)
{
//printf("KEYRING_EXSITED\n");
keeper->stat.cache_hit++;
return;
}
}
@@ -644,7 +648,7 @@ void key_keeper_async_ask(struct future * f, struct key_keeper * keeper, const c
promise_failed(p, FUTURE_ERROR_EXCEPTION, "url escape failed");
break;
}
struct future* f_certstore_rpc = future_create("tfe_rpc", certstore_rpc_on_succ, certstore_rpc_on_fail, p);
struct future* f_certstore_rpc = future_create("crt_store", certstore_rpc_on_succ, certstore_rpc_on_fail, p);
ctx->f_certstore_rpc = f_certstore_rpc;
char *url = NULL;
@@ -661,7 +665,7 @@ void key_keeper_async_ask(struct future * f, struct key_keeper * keeper, const c
}
TFE_LOG_DEBUG(keeper->logger, "CertStore query: %.100s", url);
curl_free(escaped_origin_cert_pem);
tfe_rpc_async_ask(f_certstore_rpc, url, GET, DONE_CB, NULL, 0, evbase);
tfe_rpc_async_ask(f_certstore_rpc, url, GET, DONE_CB, NULL, 0, evbase, dnsbase);
free(url);
break;
}
@@ -699,3 +703,10 @@ void key_keeper_async_ask(struct future * f, struct key_keeper * keeper, const c
}
return;
}
void key_keeper_statistic(struct key_keeper *keeper, struct key_keeper_stat* result)
{
keeper->stat.cached_num=MESA_htable_get_elem_num(keeper->cert_cache);
*result=keeper->stat;
return;
}