ssl stream修复upstream session cache key生成错误的bug。

platform/src/ssl_stream.cpp

@@ -49,16 +49,24 @@
 
 enum ssl_stream_stat
 {
-	SSL_UP_NUM,
+	SSL_UP_NEW,
 	SSL_UP_ERR,
 	SSL_UP_CLOSING,
-	SSL_UP_DIRTY_CLOSED,
 	SSL_UP_CLOSED,
-	SSL_DOWN_NUM,
+	SSL_UP_DIRTY_CLOSED,
+	SSL_UP_CACHE_SZ,
+	SSL_UP_CACHE_QUERY,
+	SSL_UP_CACHE_HIT,
+	
+	SSL_DOWN_NEW,
 	SSL_DOWN_ERR,
 	SSL_DOWN_CLOSING,
 	SSL_DOWN_CLOSED,
 	SSL_DOWN_DIRTY_CLOSED,
+	SSL_DOWN_CACHE_SZ,
+	SSL_DOWN_CACHE_QUERY,
+	SSL_DOWN_CACHE_HIT,
+	
 	SSL_NO_CHELLO,
 	SSL_NO_SNI,
 	SSL_FAKE_CRT,
@@ -168,6 +176,8 @@ struct ssl_shutdown_ctx
 	struct ssl_stream * s_stream;
 	struct event_base * evbase;
 	struct event * ev;
+	struct ssl_mgr* mgr;
+	enum tfe_conn_dir dir;
 	unsigned int retries;
 };
 struct fs_spec
@@ -179,16 +189,24 @@ void ssl_stat_init(struct ssl_mgr * mgr)
 {
 	int i=0;
 	const char* spec[SSL_STAT_MAX];
-	spec[SSL_UP_NUM]="ssl_up";
-	spec[SSL_UP_ERR]="sslu_err";						
-	spec[SSL_UP_CLOSING]="sslu_clsing";
-	spec[SSL_UP_CLOSED]="sslu_clsd";
-	spec[SSL_UP_DIRTY_CLOSED]="sslu_dirty_cls";
-	spec[SSL_DOWN_NUM]="ssl_down";
-	spec[SSL_DOWN_ERR]="ssld_err";
-	spec[SSL_DOWN_CLOSING]="ssld_clsing";
+	spec[SSL_UP_NEW]="ussl_new";
+	spec[SSL_UP_ERR]="ussl_err";						
+	spec[SSL_UP_CLOSING]="ussl_clsing";
+	spec[SSL_UP_CLOSED]="ussl_clsed";
+	spec[SSL_UP_DIRTY_CLOSED]="ussl_dirty_cls";
+	spec[SSL_UP_CACHE_SZ]="usess_cache";
+	spec[SSL_UP_CACHE_QUERY]="usess_query";
+	spec[SSL_UP_CACHE_HIT]="usess_hitcnt";
+	
+	spec[SSL_DOWN_NEW]="dssl_new";
+	spec[SSL_DOWN_ERR]="dssl_err";
+	spec[SSL_DOWN_CLOSING]="dssl_clsing";	
+	spec[SSL_DOWN_CLOSED]="dssl_clsed";
 	spec[SSL_DOWN_DIRTY_CLOSED]="ssld_dirty_cls";
-	spec[SSL_DOWN_CLOSED]="ssld_clsd";
+	spec[SSL_DOWN_CACHE_SZ]="dsess_cache";
+	spec[SSL_DOWN_CACHE_QUERY]="dcache_query";
+	spec[SSL_DOWN_CACHE_HIT]="dsess_hitcnt";
+	
 	spec[SSL_NO_CHELLO]="ssl_no_chlo";
 	spec[SSL_NO_SNI]="ssl_no_sni";
 	spec[SSL_FAKE_CRT]="ssl_fk_crt";
@@ -197,6 +215,31 @@ void ssl_stat_init(struct ssl_mgr * mgr)
 	{
 		mgr->fs_id[i]=FS_register(mgr->fs_handle, FS_STYLE_STATUS, FS_CALC_CURRENT,spec[i]);
 	}
+
+	int	value=mgr->fs_id[SSL_UP_CACHE_HIT];
+	FS_set_para(mgr->fs_handle, ID_INVISBLE, &value, sizeof(value));
+	value=mgr->fs_id[SSL_UP_CACHE_QUERY];
+	FS_set_para(mgr->fs_handle, ID_INVISBLE, &value, sizeof(value));
+	
+	FS_register_ratio(mgr->fs_handle,
+					mgr->fs_id[SSL_UP_CACHE_HIT], 
+					mgr->fs_id[SSL_UP_CACHE_QUERY], 
+					1,
+					FS_STYLE_STATUS,
+					FS_CALC_CURRENT,
+					"usess_hit");
+	value=mgr->fs_id[SSL_DOWN_CACHE_HIT];
+	FS_set_para(mgr->fs_handle, ID_INVISBLE, &value, sizeof(value));
+	value=mgr->fs_id[SSL_DOWN_CACHE_QUERY];
+	FS_set_para(mgr->fs_handle, ID_INVISBLE, &value, sizeof(value));
+	
+	FS_register_ratio(mgr->fs_handle,
+					mgr->fs_id[SSL_DOWN_CACHE_HIT], 
+					mgr->fs_id[SSL_DOWN_CACHE_QUERY], 
+					1,
+					FS_STYLE_STATUS,
+					FS_CALC_CURRENT,
+					"dsess_hit");					
 	return;
 }
 static SSL * downstream_ssl_create(struct ssl_mgr * mgr, struct keyring * crt);
@@ -223,11 +266,13 @@ struct ssl_stream * ssl_stream_new(struct ssl_mgr * mgr, evutil_socket_t fd, enu
 	assert(ret == 0);
 	switch (dir)
 	{
-		case CONN_DIR_DOWNSTREAM:
+		case CONN_DIR_DOWNSTREAM:		
+			ATOMIC_INC(&(s_stream->mgr->stat_val[SSL_DOWN_NEW]));
 			s_stream->ssl = downstream_ssl_create(mgr, kyr);
 			s_stream->keyring = kyr;
 			break;
 		case CONN_DIR_UPSTREAM: 
+			ATOMIC_INC(&(s_stream->mgr->stat_val[SSL_UP_NEW]));
 			s_stream->ssl = upstream_ssl_create(mgr, client_hello, fd);
 			s_stream->client_hello = client_hello;
 			break;
@@ -247,7 +292,8 @@ static void ssl_stream_free(struct ssl_stream * s_stream)
 			{
 				key_keeper_free_keyring(s_stream->keyring);
 				s_stream->keyring = NULL;
-			}
+			}			
+			ATOMIC_INC(&(s_stream->mgr->stat_val[SSL_DOWN_CLOSED]));
 			break;
 		case CONN_DIR_UPSTREAM:
 			if (s_stream->client_hello != NULL)
@@ -255,6 +301,7 @@ static void ssl_stream_free(struct ssl_stream * s_stream)
 				ssl_chello_free(s_stream->client_hello);
 				s_stream->client_hello = NULL;
 			}
+			ATOMIC_INC(&(s_stream->mgr->stat_val[SSL_UP_CLOSED]));
 			break;
 		default: assert(0);
 	}
@@ -337,6 +384,8 @@ ssl_stream_gc_cb(evutil_socket_t fd, short what, void * arg)
 {
 	struct ssl_mgr *mgr=(struct ssl_mgr *)arg;
 	int i=0;
+	ssl_sess_cache_stat(mgr->up_sess_cache, &(mgr->stat_val[SSL_UP_CACHE_SZ]), &(mgr->stat_val[SSL_UP_CACHE_QUERY]), &(mgr->stat_val[SSL_UP_CACHE_HIT]));
+	ssl_sess_cache_stat(mgr->down_sess_cache, &(mgr->stat_val[SSL_DOWN_CACHE_SZ]), &(mgr->stat_val[SSL_DOWN_CACHE_QUERY]), &(mgr->stat_val[SSL_DOWN_CACHE_HIT]));
 	for(i=0;i<SSL_STAT_MAX;i++)
 	{
 		FS_operate(mgr->fs_handle, mgr->fs_id[i], 0, FS_OP_SET, ATOMIC_READ(&(mgr->stat_val[i])));
@@ -806,12 +855,11 @@ static void ssl_connect_origin_eventcb(struct bufferevent * bev, short events, v
 	}
 	else if(events & BEV_EVENT_TIMEOUT)
 	{
+		ATOMIC_INC(&(ctx->mgr->stat_val[SSL_UP_ERR]));
 		promise_failed(promise, FUTURE_ERROR_TIMEOUT, NULL);
 	}
 	else if(events & BEV_EVENT_CONNECTED)
-	{
-		
-		ATOMIC_INC(&(ctx->mgr->stat_val[SSL_UP_NUM]));
+	{		
 		bufferevent_disable(ctx->bev, EV_READ | EV_WRITE);
 		bufferevent_setcb(ctx->bev, NULL, NULL, NULL, NULL); //leave a clean bev for on_success
 		//The reference count of the SSL_SESSION is not incremented, so no need to free.
@@ -865,7 +913,7 @@ extern void ssl_async_upstream_create(struct future * f, struct ssl_mgr * mgr, e
 	int ret = 0;
 
 	ctx->addrlen = sizeof(ctx->addr);
-	ret = getpeername(fd_downstream, (struct sockaddr *)&(ctx->addr), &(ctx->addrlen));
+	ret = getpeername(fd_upstream, (struct sockaddr *)&(ctx->addr), &(ctx->addrlen));
 	assert(ret == 0);
 
 	ctx->fd_downstream = fd_downstream;
@@ -1229,12 +1277,20 @@ static struct ssl_shutdown_ctx * ssl_shutdown_ctx_new(struct ssl_stream * s_stre
 	ctx->evbase = evbase;
 	ctx->s_stream = s_stream;
 	ctx->ev = NULL;
+	ctx->mgr = s_stream->mgr;
+	ctx->dir = s_stream->dir;
 	ctx->retries = 0;
+	ctx->dir==CONN_DIR_DOWNSTREAM ? ATOMIC_INC(&(ctx->mgr->stat_val[SSL_DOWN_CLOSING]))
+										: ATOMIC_INC(&(ctx->mgr->stat_val[SSL_UP_CLOSING]));
+
 	return ctx;
 }
 
 static void ssl_shutdown_ctx_free(struct ssl_shutdown_ctx * ctx)
 {
+	ctx->dir==CONN_DIR_DOWNSTREAM ? ATOMIC_DEC(&(ctx->mgr->stat_val[SSL_DOWN_CLOSING]))
+								 : ATOMIC_DEC(&(ctx->mgr->stat_val[SSL_UP_CLOSING]));
+	memset(ctx, 0, sizeof(struct ssl_shutdown_ctx));
 	free(ctx);
 }
 
@@ -1332,17 +1388,7 @@ retry:
 	}
 	return;
 complete:
-	if(ctx->s_stream->dir==CONN_DIR_DOWNSTREAM)
-	{
-		ATOMIC_INC(&(mgr->stat_val[SSL_DOWN_CLOSED]));
-		ATOMIC_DEC(&(mgr->stat_val[SSL_DOWN_CLOSING]));
-	}
-	else
-	{
-		ATOMIC_INC(&(mgr->stat_val[SSL_UP_CLOSED]));
-		ATOMIC_DEC(&(mgr->stat_val[SSL_UP_CLOSING]));
-	}
-	
+
 	ssl_stream_free(ctx->s_stream);
 	evutil_closesocket(fd);
 	ssl_shutdown_ctx_free(ctx);
@@ -1359,7 +1405,5 @@ void ssl_stream_free_and_close_fd(struct ssl_stream * s_stream, struct event_bas
 	struct ssl_shutdown_ctx * sslshutctx = NULL;
 	assert(fd==s_stream->_do_not_use.fd);
 	sslshutctx = ssl_shutdown_ctx_new(s_stream, evbase);
-	s_stream->dir==CONN_DIR_DOWNSTREAM ? ATOMIC_INC(&(s_stream->mgr->stat_val[SSL_DOWN_CLOSING]))
-										: ATOMIC_INC(&(s_stream->mgr->stat_val[SSL_UP_CLOSING]));
 	pxy_ssl_shutdown_cb(fd, 0, sslshutctx);
 }