commit 82b8a0d: [Project] Add preliminary version of the http context concept

Vsevolod Stakhov vsevolod at highsecure.ru
Tue Feb 19 18:00:06 UTC 2019


Author: Vsevolod Stakhov
Date: 2019-02-19 17:56:19 +0000
URL: https://github.com/rspamd/rspamd/commit/82b8a0d6ba068fcd65c515872a990e39b566e52d

[Project] Add preliminary version of the http context concept

---
 src/libutil/http_context.c | 187 +++++++++++++++++++++++++++++++++++++++++++++
 src/libutil/http_context.h |  56 ++++++++++++++
 2 files changed, 243 insertions(+)

diff --git a/src/libutil/http_context.c b/src/libutil/http_context.c
new file mode 100644
index 000000000..0237af1ab
--- /dev/null
+++ b/src/libutil/http_context.c
@@ -0,0 +1,187 @@
+/*-
+ * Copyright 2019 Vsevolod Stakhov
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "http_context.h"
+#include "http_private.h"
+#include "keypair.h"
+#include "keypairs_cache.h"
+#include "cfg_file.h"
+#include "contrib/libottery/ottery.h"
+#include "rspamd.h"
+
+static struct rspamd_http_context *default_ctx = NULL;
+
+static void
+rspamd_http_context_client_rotate_ev (gint fd, short what, void *arg)
+{
+	struct timeval rot_tv;
+	struct rspamd_http_context *ctx = arg;
+	gpointer kp;
+
+	double_to_tv (ctx->config.client_key_rotate_time, &rot_tv);
+	rot_tv.tv_sec += ottery_rand_range (rot_tv.tv_sec);
+	event_del (&ctx->client_rotate_ev);
+	event_add (&ctx->client_rotate_ev, &rot_tv);
+
+	kp = ctx->client_kp;
+	ctx->client_kp = rspamd_keypair_new (RSPAMD_KEYPAIR_KEX,
+			RSPAMD_CRYPTOBOX_MODE_25519);
+	rspamd_keypair_unref (kp);
+}
+
+static struct rspamd_http_context*
+rspamd_http_context_new_default (struct rspamd_config *cfg,
+								 struct event_base *ev_base)
+{
+	struct rspamd_http_context *ctx;
+
+	static const int default_kp_size = 1024;
+	static const gdouble default_rotate_time = 120;
+
+	ctx = g_malloc0 (sizeof (*ctx));
+	ctx->config.kp_cache_size_client = default_kp_size;
+	ctx->config.kp_cache_size_server = default_kp_size;
+	ctx->config.client_key_rotate_time = default_rotate_time;
+
+	if (cfg) {
+		ctx->ssl_ctx = cfg->libs_ctx->ssl_ctx;
+		ctx->ssl_ctx_noverify = cfg->libs_ctx->ssl_ctx_noverify;
+	}
+	else {
+		ctx->ssl_ctx = rspamd_init_ssl_ctx ();
+		ctx->ssl_ctx_noverify = rspamd_init_ssl_ctx_noverify ();
+	}
+
+	ctx->ev_base = ev_base;
+
+	return ctx;
+}
+
+static void
+rspamd_http_context_init (struct rspamd_http_context *ctx)
+{
+	if (ctx->config.kp_cache_size_client > 0) {
+		ctx->client_kp_cache = rspamd_keypair_cache_new (ctx->config.kp_cache_size_client);
+	}
+
+	if (ctx->config.kp_cache_size_client > 0) {
+		ctx->client_kp_cache = rspamd_keypair_cache_new (ctx->config.kp_cache_size_client);
+	}
+
+	if (ctx->config.client_key_rotate_time > 0 && ctx->ev_base) {
+		struct timeval tv;
+		double jittered = rspamd_time_jitter (ctx->config.client_key_rotate_time,
+				0);
+
+		double_to_tv (jittered, &tv);
+		event_set (&ctx->client_rotate_ev, -1, EV_TIMEOUT,
+				rspamd_http_context_client_rotate_ev, ctx);
+		event_base_set (ctx->ev_base, &ctx->client_rotate_ev);
+		event_add (&ctx->client_rotate_ev, &tv);
+	}
+
+	default_ctx = ctx;
+}
+
+struct rspamd_http_context*
+rspamd_http_context_create (struct rspamd_config *cfg,
+							struct event_base *ev_base)
+{
+	struct rspamd_http_context *ctx;
+	const ucl_object_t *http_obj;
+
+	ctx = rspamd_http_context_new_default (cfg, ev_base);
+	http_obj = ucl_object_lookup (cfg->rcl_obj, "http");
+
+	if (http_obj) {
+		const ucl_object_t *server_obj, *client_obj;
+
+		client_obj = ucl_object_lookup (http_obj, "client");
+
+		if (client_obj) {
+			const ucl_object_t *kp_size;
+
+			kp_size = ucl_object_lookup (client_obj, "cache_size");
+
+			if (kp_size) {
+				ctx->config.kp_cache_size_client = ucl_object_toint (kp_size);
+			}
+
+			const ucl_object_t *rotate_time;
+
+			rotate_time = ucl_object_lookup (client_obj, "rotate_time");
+
+			if (rotate_time) {
+				ctx->config.client_key_rotate_time = ucl_object_todouble (rotate_time);
+			}
+		}
+
+		server_obj = ucl_object_lookup (http_obj, "server");
+
+		if (server_obj) {
+			const ucl_object_t *kp_size;
+
+			kp_size = ucl_object_lookup (server_obj, "cache_size");
+
+			if (kp_size) {
+				ctx->config.kp_cache_size_server = ucl_object_toint (kp_size);
+			}
+		}
+	}
+
+	rspamd_http_context_init (ctx);
+
+	return ctx;
+}
+
+void
+rspamd_http_context_free (struct rspamd_http_context *ctx)
+{
+	if (ctx == default_ctx) {
+		default_ctx = NULL;
+	}
+
+	if (ctx->client_kp_cache) {
+		rspamd_keypair_cache_destroy (ctx->client_kp_cache);
+	}
+
+	if (ctx->server_kp_cache) {
+		rspamd_keypair_cache_destroy (ctx->server_kp_cache);
+	}
+
+	g_free (ctx);
+}
+
+struct rspamd_http_context*
+rspamd_http_context_create_config (struct rspamd_http_context_cfg *cfg,
+		struct event_base *ev_base)
+{
+	struct rspamd_http_context *ctx;
+
+	ctx = rspamd_http_context_new_default (NULL, ev_base);
+	memcpy (&ctx->config, cfg, sizeof (*cfg));
+	rspamd_http_context_init (ctx);
+
+	return ctx;
+}
+
+struct rspamd_http_context*
+rspamd_http_context_default (void)
+{
+	g_assert (default_ctx != NULL);
+
+	return default_ctx;
+}
\ No newline at end of file
diff --git a/src/libutil/http_context.h b/src/libutil/http_context.h
new file mode 100644
index 000000000..7d0820687
--- /dev/null
+++ b/src/libutil/http_context.h
@@ -0,0 +1,56 @@
+/*-
+ * Copyright 2019 Vsevolod Stakhov
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef RSPAMD_HTTP_CONTEXT_H
+#define RSPAMD_HTTP_CONTEXT_H
+
+#include "config.h"
+#include "ucl.h"
+
+#include <event.h>
+
+struct rspamd_http_context;
+struct rspamd_config;
+
+struct rspamd_http_context_cfg {
+	guint kp_cache_size_client;
+	guint kp_cache_size_server;
+	guint ssl_cache_size;
+	gdouble client_key_rotate_time;
+	const gchar *user_agent;
+};
+
+/**
+ * Creates and configures new HTTP context
+ * @param root_conf configuration object
+ * @param ev_base event base
+ * @return new context used for both client and server HTTP connections
+ */
+struct rspamd_http_context* rspamd_http_context_create (struct rspamd_config *cfg,
+		struct event_base *ev_base);
+
+struct rspamd_http_context* rspamd_http_context_create_config (
+		struct rspamd_http_context_cfg *cfg,
+		struct event_base *ev_base);
+/**
+ * Destroys context
+ * @param ctx
+ */
+void rspamd_http_context_free (struct rspamd_http_context *ctx);
+
+struct rspamd_http_context* rspamd_http_context_default (void);
+
+#endif


More information about the Commits mailing list