#64 key keeper增加evdnsbase参数。

避免创建大量dnsbase，耗尽fd。ssl stream/tcp stream/proxy也做了相应修改。

platform/src/ssl_stream.cpp

@@ -90,6 +90,9 @@ enum ssl_stream_stat
 	SSL_NO_CHELLO,
 	SSL_NO_SNI,
 	SSL_FAKE_CRT,
+	KEY_KEEPER_CACHE_SIZE,
+	KEY_KEEPER_ASK,
+	KEY_KEEPER_HIT,
 	SSL_STAT_MAX
 };
 	
@@ -193,20 +196,20 @@ struct ssl_connect_server_ctx
 
 	evutil_socket_t fd_upstream;
 	evutil_socket_t fd_downstream;
-	struct event_base * evbase;
+	unsigned int thread_id;
 	struct future * f_peek_chello;
 	struct timespec start,end;
 };
 
 struct ssl_connect_client_ctx
 {
+	unsigned int thread_id;
 	int keyring_id;
 	struct ssl_stream * origin_ssl;
 	X509 * origin_crt;
 	int is_origin_crt_verify_passed;
 	struct ssl_mgr * ssl_mgr;
 	evutil_socket_t fd_downstream;
-	struct event_base * evbase;
 
 	struct future * f_ask_keyring;
 	struct bufferevent * bev_down;
@@ -241,6 +244,12 @@ ssl_stream_gc_cb(evutil_socket_t fd, short what, void * arg)
 	int i=0;
 	ssl_sess_cache_stat(mgr->up_sess_cache, &(mgr->stat_val[SSL_UP_CACHE_SZ]), &(mgr->stat_val[SSL_UP_CACHE_QUERY]), &(mgr->stat_val[SSL_UP_CACHE_HIT]));
 	ssl_sess_cache_stat(mgr->down_sess_cache, &(mgr->stat_val[SSL_DOWN_CACHE_SZ]), &(mgr->stat_val[SSL_DOWN_CACHE_QUERY]), &(mgr->stat_val[SSL_DOWN_CACHE_HIT]));
+	struct key_keeper_stat keeper_stat;
+	key_keeper_statistic(mgr->key_keeper, &keeper_stat);
+	mgr->stat_val[KEY_KEEPER_ASK]=keeper_stat.ask_times;
+	mgr->stat_val[KEY_KEEPER_HIT]=keeper_stat.cache_hit;
+	mgr->stat_val[KEY_KEEPER_CACHE_SIZE]=keeper_stat.cached_num;
+	
 	for(i=0;i<SSL_STAT_MAX;i++)
 	{
 		FS_operate(mgr->fs_handle, mgr->fs_id[i], 0, FS_OP_SET, ATOMIC_READ(&(mgr->stat_val[i])));
@@ -283,6 +292,9 @@ void ssl_stat_init(struct ssl_mgr * mgr)
 	spec[SSL_NO_CHELLO]="ssl_no_chlo";
 	spec[SSL_NO_SNI]="ssl_no_sni";
 	spec[SSL_FAKE_CRT]="ssl_fk_crt";
+	spec[KEY_KEEPER_ASK]="kyr_ask";
+	spec[KEY_KEEPER_HIT]="kyr_hit";
+	spec[KEY_KEEPER_CACHE_SIZE]="kyr_cache";
 
 	for(i=0;i<SSL_STAT_MAX;i++)
 	{
@@ -1034,6 +1046,7 @@ static void peek_chello_on_succ(future_result_t * result, void * user)
 {
 	struct promise * p = (struct promise *) user;
 	struct ssl_connect_server_ctx * ctx = (struct ssl_connect_server_ctx *) promise_get_ctx(p);
+	struct event_base* evbase=tfe_proxy_get_work_thread_evbase(ctx->thread_id);
 
 	struct ssl_chello * chello = ssl_peek_result_release_chello(result);//chello has been saved in ssl_stream.
 	if(chello->sni==NULL)
@@ -1042,7 +1055,7 @@ static void peek_chello_on_succ(future_result_t * result, void * user)
 	}
 	clock_gettime(CLOCK_MONOTONIC, &(ctx->start));
 	ctx->s_stream = ssl_stream_new(ctx->mgr, ctx->fd_upstream, CONN_DIR_UPSTREAM, chello, NULL, NULL);
-	ctx->bev = bufferevent_openssl_socket_new(ctx->evbase, ctx->fd_upstream,
+	ctx->bev = bufferevent_openssl_socket_new(evbase, ctx->fd_upstream,
 		ctx->s_stream->ssl, BUFFEREVENT_SSL_CONNECTING, BEV_OPT_DEFER_CALLBACKS);
 
 	bufferevent_openssl_set_allow_dirty_shutdown(ctx->bev, 1);
@@ -1065,7 +1078,7 @@ static void peek_chello_on_fail(enum e_future_error err, const char * what, void
 }
 
 void ssl_async_upstream_create(struct future * f, struct ssl_mgr * mgr, evutil_socket_t fd_upstream,
-	evutil_socket_t fd_downstream, struct event_base * evbase)
+	evutil_socket_t fd_downstream, unsigned int thread_id)
 {
 	struct promise * p = future_to_promise(f);
 	struct ssl_connect_server_ctx * ctx = ALLOC(struct ssl_connect_server_ctx, 1);
@@ -1079,10 +1092,10 @@ void ssl_async_upstream_create(struct future * f, struct ssl_mgr * mgr, evutil_s
 		promise_failed(p, FUTURE_ERROR_EXCEPTION, "upstream fd closed");
 		return;
 	}
-
+	struct event_base* evbase=tfe_proxy_get_work_thread_evbase(thread_id);
 	ctx->fd_downstream = fd_downstream;
 	ctx->fd_upstream = fd_upstream;
-	ctx->evbase = evbase;
+	ctx->thread_id = thread_id;
 	ctx->mgr = mgr;
 	promise_set_ctx(p, ctx, wrap_ssl_connect_server_ctx_free);
 
@@ -1498,16 +1511,14 @@ void ask_keyring_on_succ(void * result, void * user)
 
 	struct keyring * kyr = NULL;
 	struct ssl_mgr * mgr = ctx->ssl_mgr;
-
-
+	struct event_base* evbase=tfe_proxy_get_work_thread_evbase(ctx->thread_id);
 
 	kyr = key_keeper_release_keyring(result);	//kyr will be freed at ssl downstream closing.
-
 	
 	clock_gettime(CLOCK_MONOTONIC, &(ctx->start));
 	ctx->downstream = ssl_stream_new(mgr, ctx->fd_downstream, CONN_DIR_DOWNSTREAM, NULL, kyr,
 										ctx->origin_ssl?ctx->origin_ssl->alpn_selected:NULL);
-	ctx->bev_down = bufferevent_openssl_socket_new(ctx->evbase, ctx->fd_downstream, ctx->downstream->ssl,
+	ctx->bev_down = bufferevent_openssl_socket_new(evbase, ctx->fd_downstream, ctx->downstream->ssl,
 		BUFFEREVENT_SSL_ACCEPTING, BEV_OPT_DEFER_CALLBACKS);
 	bufferevent_openssl_set_allow_dirty_shutdown(ctx->bev_down, 1);
 	
@@ -1532,7 +1543,7 @@ void ask_keyring_on_fail(enum e_future_error error, const char * what, void * us
  * Create a SSL stream for the incoming connection, based on the upstream.
  */
 void ssl_async_downstream_create(struct future * f, struct ssl_mgr * mgr, struct ssl_stream * upstream,
-	evutil_socket_t fd_downstream, int keyring_id, struct event_base * evbase)
+	evutil_socket_t fd_downstream, int keyring_id, unsigned int thread_id)
 {
 
 	assert(upstream->dir == CONN_DIR_UPSTREAM);
@@ -1541,7 +1552,10 @@ void ssl_async_downstream_create(struct future * f, struct ssl_mgr * mgr, struct
 	ctx->keyring_id = keyring_id;
 	ctx->ssl_mgr = mgr;
 	ctx->fd_downstream = fd_downstream;
-	ctx->evbase = evbase;
+	ctx->thread_id = thread_id;
+	struct event_base * evbase=tfe_proxy_get_work_thread_evbase(thread_id);
+	struct evdns_base* dnsbase=tfe_proxy_get_work_thread_dnsbase(thread_id);
+
 	if (upstream != NULL)
 	{
 		ctx->origin_ssl = upstream;
@@ -1555,7 +1569,7 @@ void ssl_async_downstream_create(struct future * f, struct ssl_mgr * mgr, struct
 	ctx->f_ask_keyring = future_create("ask_kyr",ask_keyring_on_succ, ask_keyring_on_fail, p);
 	ctx->is_origin_crt_verify_passed = upstream->is_peer_cert_verify_passed;
 	key_keeper_async_ask(ctx->f_ask_keyring, mgr->key_keeper, sni, keyring_id, ctx->origin_crt, ctx->is_origin_crt_verify_passed,
-		evbase);
+		evbase, dnsbase);
 	return;
 }