1 /* 2 * Copyright (C) 2009 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package org.conscrypt; 18 19 import java.io.DataInputStream; 20 import java.io.File; 21 import java.io.FileInputStream; 22 import java.io.FileNotFoundException; 23 import java.io.FileOutputStream; 24 import java.io.IOException; 25 import java.util.Arrays; 26 import java.util.HashMap; 27 import java.util.Iterator; 28 import java.util.LinkedHashMap; 29 import java.util.Map; 30 import java.util.Set; 31 import java.util.TreeSet; 32 import javax.net.ssl.SSLSession; 33 import libcore.io.IoUtils; 34 35 /** 36 * File-based cache implementation. Only one process should access the 37 * underlying directory at a time. 38 */ 39 public class FileClientSessionCache { 40 41 public static final int MAX_SIZE = 12; // ~72k 42 43 private FileClientSessionCache() {} 44 45 /** 46 * This cache creates one file per SSL session using "host.port" for 47 * the file name. Files are created or replaced when session data is put 48 * in the cache (see {@link #putSessionData}). Files are read on 49 * cache hits, but not on cache misses. 50 * 51 * <p>When the number of session files exceeds MAX_SIZE, we delete the 52 * least-recently-used file. We don't current persist the last access time, 53 * so the ordering actually ends up being least-recently-modified in some 54 * cases and even just "not accessed in this process" if the filesystem 55 * doesn't track last modified times. 56 */ 57 static class Impl implements SSLClientSessionCache { 58 59 /** Directory to store session files in. */ 60 final File directory; 61 62 /** 63 * Map of name -> File. Keeps track of the order files were accessed in. 64 */ 65 Map<String, File> accessOrder = newAccessOrder(); 66 67 /** The number of files on disk. */ 68 int size; 69 70 /** 71 * The initial set of files. We use this to defer adding information 72 * about all files to accessOrder until necessary. 73 */ 74 String[] initialFiles; 75 76 /** 77 * Constructs a new cache backed by the given directory. 78 */ 79 Impl(File directory) throws IOException { 80 boolean exists = directory.exists(); 81 if (exists && !directory.isDirectory()) { 82 throw new IOException(directory + " exists but is not a directory."); 83 } 84 85 if (exists) { 86 // Read and sort initial list of files. We defer adding 87 // information about these files to accessOrder until necessary 88 // (see indexFiles()). Sorting the list enables us to detect 89 // cache misses in getSessionData(). 90 // Note: Sorting an array here was faster than creating a 91 // HashSet on Dalvik. 92 initialFiles = directory.list(); 93 if (initialFiles == null) { 94 // File.list() will return null in error cases without throwing IOException 95 // http://b/3363561 96 throw new IOException(directory + " exists but cannot list contents."); 97 } 98 Arrays.sort(initialFiles); 99 size = initialFiles.length; 100 } else { 101 // Create directory. 102 if (!directory.mkdirs()) { 103 throw new IOException("Creation of " + directory + " directory failed."); 104 } 105 size = 0; 106 } 107 108 this.directory = directory; 109 } 110 111 /** 112 * Creates a new access-ordered linked hash map. 113 */ 114 private static Map<String, File> newAccessOrder() { 115 return new LinkedHashMap<String, File>( 116 MAX_SIZE, 0.75f, true /* access order */); 117 } 118 119 /** 120 * Gets the file name for the given host and port. 121 */ 122 private static String fileName(String host, int port) { 123 if (host == null) { 124 throw new NullPointerException("host == null"); 125 } 126 return host + "." + port; 127 } 128 129 public synchronized byte[] getSessionData(String host, int port) { 130 /* 131 * Note: This method is only called when the in-memory cache 132 * in SSLSessionContext misses, so it would be unnecessarily 133 * redundant for this cache to store data in memory. 134 */ 135 136 String name = fileName(host, port); 137 File file = accessOrder.get(name); 138 139 if (file == null) { 140 // File wasn't in access order. Check initialFiles... 141 if (initialFiles == null) { 142 // All files are in accessOrder, so it doesn't exist. 143 return null; 144 } 145 146 // Look in initialFiles. 147 if (Arrays.binarySearch(initialFiles, name) < 0) { 148 // Not found. 149 return null; 150 } 151 152 // The file is on disk but not in accessOrder yet. 153 file = new File(directory, name); 154 accessOrder.put(name, file); 155 } 156 157 FileInputStream in; 158 try { 159 in = new FileInputStream(file); 160 } catch (FileNotFoundException e) { 161 logReadError(host, file, e); 162 return null; 163 } 164 try { 165 int size = (int) file.length(); 166 byte[] data = new byte[size]; 167 new DataInputStream(in).readFully(data); 168 return data; 169 } catch (IOException e) { 170 logReadError(host, file, e); 171 return null; 172 } finally { 173 IoUtils.closeQuietly(in); 174 } 175 } 176 177 static void logReadError(String host, File file, Throwable t) { 178 System.logW("Error reading session data for " + host + " from " + file + ".", t); 179 } 180 181 public synchronized void putSessionData(SSLSession session, 182 byte[] sessionData) { 183 String host = session.getPeerHost(); 184 if (sessionData == null) { 185 throw new NullPointerException("sessionData == null"); 186 } 187 188 String name = fileName(host, session.getPeerPort()); 189 File file = new File(directory, name); 190 191 // Used to keep track of whether or not we're expanding the cache. 192 boolean existedBefore = file.exists(); 193 194 FileOutputStream out; 195 try { 196 out = new FileOutputStream(file); 197 } catch (FileNotFoundException e) { 198 // We can't write to the file. 199 logWriteError(host, file, e); 200 return; 201 } 202 203 // If we expanded the cache (by creating a new file)... 204 if (!existedBefore) { 205 size++; 206 207 // Delete an old file if necessary. 208 makeRoom(); 209 } 210 211 boolean writeSuccessful = false; 212 try { 213 out.write(sessionData); 214 writeSuccessful = true; 215 } catch (IOException e) { 216 logWriteError(host, file, e); 217 } finally { 218 boolean closeSuccessful = false; 219 try { 220 out.close(); 221 closeSuccessful = true; 222 } catch (IOException e) { 223 logWriteError(host, file, e); 224 } finally { 225 if (!writeSuccessful || !closeSuccessful) { 226 // Storage failed. Clean up. 227 delete(file); 228 } else { 229 // Success! 230 accessOrder.put(name, file); 231 } 232 } 233 } 234 } 235 236 /** 237 * Deletes old files if necessary. 238 */ 239 private void makeRoom() { 240 if (size <= MAX_SIZE) { 241 return; 242 } 243 244 indexFiles(); 245 246 // Delete LRUed files. 247 int removals = size - MAX_SIZE; 248 Iterator<File> i = accessOrder.values().iterator(); 249 do { 250 delete(i.next()); 251 i.remove(); 252 } while (--removals > 0); 253 } 254 255 /** 256 * Lazily updates accessOrder to know about all files as opposed to 257 * just the files accessed since this process started. 258 */ 259 private void indexFiles() { 260 String[] initialFiles = this.initialFiles; 261 if (initialFiles != null) { 262 this.initialFiles = null; 263 264 // Files on disk only, sorted by last modified time. 265 // TODO: Use last access time. 266 Set<CacheFile> diskOnly = new TreeSet<CacheFile>(); 267 for (String name : initialFiles) { 268 // If the file hasn't been accessed in this process... 269 if (!accessOrder.containsKey(name)) { 270 diskOnly.add(new CacheFile(directory, name)); 271 } 272 } 273 274 if (!diskOnly.isEmpty()) { 275 // Add files not accessed in this process to the beginning 276 // of accessOrder. 277 Map<String, File> newOrder = newAccessOrder(); 278 for (CacheFile cacheFile : diskOnly) { 279 newOrder.put(cacheFile.name, cacheFile); 280 } 281 newOrder.putAll(accessOrder); 282 283 this.accessOrder = newOrder; 284 } 285 } 286 } 287 288 @SuppressWarnings("ThrowableInstanceNeverThrown") 289 private void delete(File file) { 290 if (!file.delete()) { 291 System.logW("Failed to delete " + file + ".", new IOException()); 292 } 293 size--; 294 } 295 296 static void logWriteError(String host, File file, Throwable t) { 297 System.logW("Error writing session data for " + host + " to " + file + ".", t); 298 } 299 } 300 301 /** 302 * Maps directories to the cache instances that are backed by those 303 * directories. We synchronize access using the cache instance, so it's 304 * important that everyone shares the same instance. 305 */ 306 static final Map<File, FileClientSessionCache.Impl> caches 307 = new HashMap<File, FileClientSessionCache.Impl>(); 308 309 /** 310 * Returns a cache backed by the given directory. Creates the directory 311 * (including parent directories) if necessary. This cache should have 312 * exclusive access to the given directory. 313 * 314 * @param directory to store files in 315 * @return a cache backed by the given directory 316 * @throws IOException if the file exists and is not a directory or if 317 * creating the directories fails 318 */ 319 public static synchronized SSLClientSessionCache usingDirectory( 320 File directory) throws IOException { 321 FileClientSessionCache.Impl cache = caches.get(directory); 322 if (cache == null) { 323 cache = new FileClientSessionCache.Impl(directory); 324 caches.put(directory, cache); 325 } 326 return cache; 327 } 328 329 /** For testing. */ 330 static synchronized void reset() { 331 caches.clear(); 332 } 333 334 /** A file containing a piece of cached data. */ 335 static class CacheFile extends File { 336 337 final String name; 338 339 CacheFile(File dir, String name) { 340 super(dir, name); 341 this.name = name; 342 } 343 344 long lastModified = -1; 345 346 @Override 347 public long lastModified() { 348 long lastModified = this.lastModified; 349 if (lastModified == -1) { 350 lastModified = this.lastModified = super.lastModified(); 351 } 352 return lastModified; 353 } 354 355 @Override 356 public int compareTo(File another) { 357 // Sort by last modified time. 358 long result = lastModified() - another.lastModified(); 359 if (result == 0) { 360 return super.compareTo(another); 361 } 362 return result < 0 ? -1 : 1; 363 } 364 } 365 } 366
