All Downloads are FREE. Search and download functionalities are using the official Maven repository.

io.netty.incubator.codec.quic.QuicClientSessionCache Maven / Gradle / Ivy

There is a newer version: 0.0.69.Final
Show newest version
/*
 * Copyright 2021 The Netty Project
 *
 * The Netty Project licenses this file to you under the Apache License,
 * version 2.0 (the "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at:
 *
 *   https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 * License for the specific language governing permissions and limitations
 * under the License.
 */
package io.netty.incubator.codec.quic;

import io.netty.util.AsciiString;
import io.netty.util.internal.SystemPropertyUtil;
import org.jetbrains.annotations.Nullable;

import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.concurrent.atomic.AtomicInteger;

final class QuicClientSessionCache {

    private static final int DEFAULT_CACHE_SIZE;
    static {
        // Respect the same system property as the JDK implementation to make it easy to switch between implementations.
        int cacheSize = SystemPropertyUtil.getInt("javax.net.ssl.sessionCacheSize", 20480);
        if (cacheSize >= 0) {
            DEFAULT_CACHE_SIZE = cacheSize;
        } else {
            DEFAULT_CACHE_SIZE = 20480;
        }
    }

    private final AtomicInteger maximumCacheSize = new AtomicInteger(DEFAULT_CACHE_SIZE);

    // Let's use the same default value as OpenSSL does.
    // See https://www.openssl.org/docs/man1.1.1/man3/SSL_get_default_timeout.html
    private final AtomicInteger sessionTimeout = new AtomicInteger(300);
    private int sessionCounter;

    private final Map sessions =
            new LinkedHashMap() {

                private static final long serialVersionUID = -7773696788135734448L;

                @Override
                protected boolean removeEldestEntry(Map.Entry eldest) {
                    int maxSize = maximumCacheSize.get();
                    return maxSize >= 0 && size() > maxSize;
                }
            };

    void saveSession(@Nullable String host, int port, long creationTime, long timeout, byte[] session, boolean isSingleUse) {
        HostPort hostPort = keyFor(host, port);
        if (hostPort != null) {
            synchronized (sessions) {
                // Mimic what OpenSSL is doing and expunge every 255 new sessions
                // See https://www.openssl.org/docs/man1.0.2/man3/SSL_CTX_flush_sessions.html
                if (++sessionCounter == 255) {
                    sessionCounter = 0;
                    expungeInvalidSessions();
                }

                sessions.put(hostPort, new SessionHolder(creationTime, timeout, session, isSingleUse));
            }
        }
    }

    // Only used for testing.
    boolean hasSession(@Nullable String host, int port) {
        HostPort hostPort = keyFor(host, port);
        if (hostPort != null) {
            synchronized (sessions) {
                return sessions.containsKey(hostPort);
            }
        }
        return false;
    }

    byte @Nullable [] getSession(@Nullable String host, int port) {
        HostPort hostPort = keyFor(host, port);
        if (hostPort != null) {
            SessionHolder sessionHolder;
            synchronized (sessions) {
                sessionHolder = sessions.get(hostPort);
                if (sessionHolder == null) {
                    return null;
                }
                if (sessionHolder.isSingleUse()) {
                    // Remove session as it should only be re-used once.
                    sessions.remove(hostPort);
                }
            }
            if (sessionHolder.isValid()) {
                return sessionHolder.sessionBytes();
            }
        }
        return null;
    }

    void removeSession(@Nullable String host, int port) {
        HostPort hostPort = keyFor(host, port);
        if (hostPort != null) {
            synchronized (sessions) {
                sessions.remove(hostPort);
            }
        }
    }

    void setSessionTimeout(int seconds) {
        int oldTimeout = sessionTimeout.getAndSet(seconds);
        if (oldTimeout > seconds) {
            // Drain the whole cache as this way we can use the ordering of the LinkedHashMap to detect early
            // if there are any other sessions left that are invalid.
            clear();
        }
    }

    int getSessionTimeout() {
        return sessionTimeout.get();
    }

    void setSessionCacheSize(int size) {
        long oldSize = maximumCacheSize.getAndSet(size);
        if (oldSize > size || size == 0) {
            // Just keep it simple for now and drain the whole cache.
            clear();
        }
    }

    int getSessionCacheSize() {
        return maximumCacheSize.get();
    }

    /**
     * Clear the cache and free all cached SSL_SESSION*.
     */
    void clear() {
        synchronized (sessions) {
            sessions.clear();
        }
    }


    private void expungeInvalidSessions() {
        assert Thread.holdsLock(sessions);

        if (sessions.isEmpty()) {
            return;
        }
        long now = System.currentTimeMillis();
        Iterator> iterator = sessions.entrySet().iterator();
        while (iterator.hasNext()) {
            SessionHolder sessionHolder = iterator.next().getValue();
            // As we use a LinkedHashMap we can break the while loop as soon as we find a valid session.
            // This is true as we always drain the cache as soon as we change the timeout to a smaller value as
            // it was set before. This way its true that the insertion order matches the timeout order.
            if (sessionHolder.isValid(now)) {
                break;
            }
            iterator.remove();
        }
    }

    @Nullable
    private static HostPort keyFor(@Nullable String host, int port) {
        if (host == null && port < 1) {
            return null;
        }
        return new HostPort(host, port);
    }

    private static final class SessionHolder {
        private final long creationTime;
        private final long timeout;
        private final byte[] sessionBytes;
        private final boolean isSingleUse;

        SessionHolder(long creationTime, long timeout, byte[] session, boolean isSingleUse) {
            this.creationTime = creationTime;
            this.timeout = timeout;
            this.sessionBytes = session;
            this.isSingleUse = isSingleUse;
        }

        boolean isValid() {
            return isValid(System.currentTimeMillis());
        }

        boolean isValid(long current) {
            return current <= creationTime + timeout;
        }

        boolean isSingleUse() {
            return isSingleUse;
        }

        byte[] sessionBytes() {
            return sessionBytes;
        }
    }

    /**
     * Host / Port tuple used to find a session in the cache.
     */
    private static final class HostPort {
        private final int hash;
        private final String host;
        private final int port;

        HostPort(@Nullable String host, int port) {
            this.host = host;
            this.port = port;
            // Calculate a hashCode that does ignore case.
            this.hash = 31 * AsciiString.hashCode(host) + port;
        }

        @Override
        public int hashCode() {
            return hash;
        }

        @Override
        public boolean equals(Object obj) {
            if (!(obj instanceof HostPort)) {
                return false;
            }
            HostPort other = (HostPort) obj;
            return port == other.port && host.equalsIgnoreCase(other.host);
        }

        @Override
        public String toString() {
            return "HostPort{" +
                    "host='" + host + '\'' +
                    ", port=" + port +
                    '}';
        }
    }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy