enabling multi-threads support
as TS_RESP_CTX is not thread safe, this commit implement a pool of TS_RESP_CTX in which a thread can pick one in a thread safe maner. * implement a ts_resp_ctx_wrapper containing a TS_RESP_CTX and a lock and bool to mark the availability of the TS_RESP_CTX * implement the get_ctxw to recover a given TS_RESP_CTX in a thread safe maner * adapt the rest of the code to accomodate the new way of doing things * set the default number of threads to 10 as it's now safe to do so
This commit is contained in:
kakwa
parent
81d7a808cb
commit
e948177a41
|
|
@ -3,6 +3,7 @@
|
|||
#include <stdint.h>
|
||||
#include <stddef.h> /* for offsetof() macro */
|
||||
#include <string.h>
|
||||
#include <pthread.h>
|
||||
#include <civetweb.h>
|
||||
#include <openssl/ts.h>
|
||||
|
||||
|
|
@ -14,12 +15,19 @@
|
|||
#define RFC3161_OPTIONS_LEN \
|
||||
sizeof(rfc3161_options) / sizeof(struct rfc3161_option)
|
||||
|
||||
typedef struct {
|
||||
TS_RESP_CTX *ts_ctx;
|
||||
bool available;
|
||||
pthread_mutex_t lock;
|
||||
} ts_resp_ctx_wrapper;
|
||||
|
||||
typedef struct {
|
||||
uint64_t query_counter;
|
||||
bool stdout_dbg;
|
||||
int loglevel;
|
||||
int numthreads;
|
||||
const char *http_options[40];
|
||||
TS_RESP_CTX *ts_ctx;
|
||||
ts_resp_ctx_wrapper *ts_ctx_pool;
|
||||
CONF *conf;
|
||||
} rfc3161_context;
|
||||
|
||||
|
|
@ -30,7 +38,7 @@ struct rfc3161_option {
|
|||
};
|
||||
|
||||
static struct rfc3161_option rfc3161_options[] = {
|
||||
{"num_threads", HTTP_OPTIONS, "1"},
|
||||
{"num_threads", HTTP_OPTIONS, "10"},
|
||||
{"run_as_user", HTTP_OPTIONS, NULL},
|
||||
{"throttle", HTTP_OPTIONS, NULL},
|
||||
{"enable_keep_alive", HTTP_OPTIONS, "no"},
|
||||
|
|
|
|||
|
|
@ -38,5 +38,6 @@ static int save_ts_serial(const char *serialfile, ASN1_INTEGER *serial);
|
|||
TS_RESP_CTX *create_tsctx(rfc3161_context *ct, CONF *conf, const char *section,
|
||||
const char *policy);
|
||||
int add_oid_section(rfc3161_context *ct, CONF *conf);
|
||||
ts_resp_ctx_wrapper *get_ctxw(rfc3161_context *ct);
|
||||
void init_ssl();
|
||||
void free_ssl();
|
||||
|
|
|
|||
|
|
@ -8,6 +8,6 @@ void log_hex(rfc3161_context *ct, int priority, char *id,
|
|||
unsigned char *content, int content_length);
|
||||
int set_params(rfc3161_context *ct, char *conf_file, char *conf_wd);
|
||||
static char *rand_string(char *str, size_t size);
|
||||
void free_uts_context(rfc3161_context *context);
|
||||
void free_uts_context(rfc3161_context *ct);
|
||||
int g_uts_sig_up;
|
||||
int g_uts_sig;
|
||||
|
|
|
|||
|
|
@ -139,9 +139,17 @@ int rfc3161_handler(struct mg_connection *conn, void *context) {
|
|||
|
||||
log_hex(ct, LOG_DEBUG, "query hexdump content", (unsigned char *)query,
|
||||
request_info->content_length);
|
||||
ts_resp_ctx_wrapper *ctx_w = get_ctxw(ct);
|
||||
if (ctx_w == NULL) {
|
||||
resp_code = 500;
|
||||
uts_logger(context, LOG_WARNING,
|
||||
"Unable to get an OpenSSL ts_context in the pool");
|
||||
|
||||
resp_code = create_response(ct, query, query_len, ct->ts_ctx,
|
||||
&content_length, &content, &serial_id);
|
||||
} else {
|
||||
resp_code = create_response(ct, query, query_len, ctx_w->ts_ctx,
|
||||
&content_length, &content, &serial_id);
|
||||
ctx_w->available = 1;
|
||||
}
|
||||
switch (resp_code) {
|
||||
case 200:
|
||||
mg_printf(conn,
|
||||
|
|
|
|||
|
|
@ -84,6 +84,22 @@ void free_ssl() {
|
|||
OBJ_cleanup();
|
||||
}
|
||||
|
||||
// recover a ts wrapper
|
||||
ts_resp_ctx_wrapper *get_ctxw(rfc3161_context *ct) {
|
||||
ts_resp_ctx_wrapper *ret = NULL;
|
||||
for (int i = 0; i < ct->numthreads; i++) {
|
||||
pthread_mutex_lock(&ct->ts_ctx_pool[i].lock);
|
||||
if (ct->ts_ctx_pool[i].available) {
|
||||
ct->ts_ctx_pool[i].available = 0;
|
||||
ret = &(ct->ts_ctx_pool[i]);
|
||||
pthread_mutex_unlock(&ct->ts_ctx_pool[i].lock);
|
||||
return ret;
|
||||
}
|
||||
pthread_mutex_unlock(&ct->ts_ctx_pool[i].lock);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
TS_RESP_CTX *create_tsctx(rfc3161_context *ct, CONF *conf, const char *section,
|
||||
const char *policy) {
|
||||
unsigned long err_code;
|
||||
|
|
|
|||
|
|
@ -264,6 +264,7 @@ int set_params(rfc3161_context *ct, char *conf_file, char *conf_wd) {
|
|||
chdir(conf_wd);
|
||||
int ret = 1;
|
||||
int http_counter = 0;
|
||||
int numthreads = 42;
|
||||
|
||||
NCONF_free(ct->conf);
|
||||
ct->conf = load_config_file(ct, conf_file);
|
||||
|
|
@ -317,6 +318,8 @@ int set_params(rfc3161_context *ct, char *conf_file, char *conf_wd) {
|
|||
ct->http_options[http_counter] = value;
|
||||
http_counter++;
|
||||
}
|
||||
if (strcmp(name, "num_threads") == 0)
|
||||
numthreads = atoi(value);
|
||||
break;
|
||||
;
|
||||
case TSA_OPTIONS:
|
||||
|
|
@ -328,9 +331,14 @@ int set_params(rfc3161_context *ct, char *conf_file, char *conf_wd) {
|
|||
|
||||
if (!add_oid_section(ct, ct->conf))
|
||||
ret = 0;
|
||||
ct->ts_ctx = create_tsctx(ct, ct->conf, NULL, NULL);
|
||||
if (ct->ts_ctx == NULL)
|
||||
ret = 0;
|
||||
ct->ts_ctx_pool = calloc(numthreads, sizeof(ts_resp_ctx_wrapper));
|
||||
ct->numthreads = numthreads;
|
||||
for (int i = 0; i < numthreads; i++) {
|
||||
ct->ts_ctx_pool[i].ts_ctx = create_tsctx(ct, ct->conf, NULL, NULL);
|
||||
ct->ts_ctx_pool[i].available = 1;
|
||||
if (ct->ts_ctx_pool[i].ts_ctx == NULL)
|
||||
ret = 0;
|
||||
}
|
||||
chdir("/");
|
||||
return ret;
|
||||
|
||||
|
|
@ -339,8 +347,11 @@ end:
|
|||
return 0;
|
||||
}
|
||||
|
||||
void free_uts_context(rfc3161_context *context) {
|
||||
TS_RESP_CTX_free(context->ts_ctx);
|
||||
NCONF_free(context->conf);
|
||||
free(context);
|
||||
void free_uts_context(rfc3161_context *ct) {
|
||||
for (int i = 0; i < ct->numthreads; i++) {
|
||||
TS_RESP_CTX_free(ct->ts_ctx_pool[i].ts_ctx);
|
||||
}
|
||||
free(ct->ts_ctx_pool);
|
||||
NCONF_free(ct->conf);
|
||||
free(ct);
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue