1 /** @file
2 
3   Stats of TLS
4 
5   @section license License
6 
7   Licensed to the Apache Software Foundation (ASF) under one
8   or more contributor license agreements.  See the NOTICE file
9   distributed with this work for additional information
10   regarding copyright ownership.  The ASF licenses this file
11   to you under the Apache License, Version 2.0 (the
12   "License"); you may not use this file except in compliance
13   with the License.  You may obtain a copy of the License at
14 
15       http://www.apache.org/licenses/LICENSE-2.0
16 
17   Unless required by applicable law or agreed to in writing, software
18   distributed under the License is distributed on an "AS IS" BASIS,
19   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20   See the License for the specific language governing permissions and
21   limitations under the License.
22  */
23 
24 #pragma once
25 
#include <cstdint>
#include <string>
#include <unordered_map>

#include "records/I_RecProcess.h"
#include "SSLDiags.h"
30 
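/*
 * Stats should only be accessed using these macros.
 *
 * Every macro operates on the global raw-stat block `ssl_rsb`; `x` is a stat
 * id, normally an SSL_Stats enumerator. Macro arguments are parenthesized or
 * cast as a whole, so an expression argument is converted as one unit, and
 * each argument is evaluated exactly once.
 */

/* Add 1 to stat `x`. */
#define SSL_INCREMENT_DYN_STAT(x) RecIncrRawStat(ssl_rsb, nullptr, static_cast<int>(x), 1)

/* Subtract 1 from stat `x`. */
#define SSL_DECREMENT_DYN_STAT(x) RecIncrRawStat(ssl_rsb, nullptr, static_cast<int>(x), -1)

/* Set the count of stat `x` to `count`. */
#define SSL_SET_COUNT_DYN_STAT(x, count) RecSetRawStatCount(ssl_rsb, (x), (count))

/* Add `y` to stat `x`. */
#define SSL_INCREMENT_DYN_STAT_EX(x, y) RecIncrRawStat(ssl_rsb, nullptr, static_cast<int>(x), (y))

/* Reset both the sum and the count of stat `x` to 0. The id is captured in a
 * block-local first so that `x` is evaluated once rather than twice. */
#define SSL_CLEAR_DYN_STAT(x)                            \
  do {                                                   \
    const auto ssl_clear_stat_id_ = (x);                 \
    RecSetRawStatSum(ssl_rsb, ssl_clear_stat_id_, 0);    \
    RecSetRawStatCount(ssl_rsb, ssl_clear_stat_id_, 0);  \
  } while (0)

/*
 * Log a debug message for connection `vc`, then add 1 to stat `x`.
 *
 * Despite the name, nothing in this macro clears an error state: it only
 * calls SSLVCDebug and RecIncrRawStat. `fmt` and the variadic arguments are
 * forwarded to SSLVCDebug (declared elsewhere; presumably printf-style, to be
 * confirmed). Keep `fmt` a string literal and pass peer-supplied text only as
 * an argument, never as the format itself.
 */
#define SSL_CLR_ERR_INCR_DYN_STAT(vc, x, fmt, ...)       \
  do {                                                   \
    SSLVCDebug((vc), fmt, ##__VA_ARGS__);                \
    RecIncrRawStat(ssl_rsb, nullptr, static_cast<int>(x), 1); \
  } while (0)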
46 
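/// Identifiers for the raw stats kept in `ssl_rsb`.
///
/// Named stats are numbered implicitly from 0. The ids from
/// ssl_cipher_stats_start to ssl_cipher_stats_end are set aside explicitly
/// (presumably for per-cipher counters looked up through cipher_map; confirm
/// against the code that registers the stats). Because the named stats are
/// implicit and the cipher range is fixed, appending enough named stats would
/// silently reuse ids in the cipher range; the static_assert after the enum
/// turns that into a compile error.
enum SSL_Stats {
  /* Certificate and handshake failures, one counter per peer role. By name,
   * origin_server is the upstream side and user_agent the client side.
   * NOTE(review): confirm the role split at the increment sites. */
  ssl_origin_server_expired_cert_stat,
  ssl_user_agent_expired_cert_stat,
  ssl_origin_server_revoked_cert_stat,
  ssl_user_agent_revoked_cert_stat,
  ssl_origin_server_unknown_cert_stat,
  ssl_user_agent_unknown_cert_stat,
  ssl_origin_server_cert_verify_failed_stat,
  ssl_user_agent_cert_verify_failed_stat,
  ssl_origin_server_bad_cert_stat,
  ssl_user_agent_bad_cert_stat,
  ssl_origin_server_decryption_failed_stat,
  ssl_user_agent_decryption_failed_stat,
  ssl_origin_server_wrong_version_stat,
  ssl_user_agent_wrong_version_stat,
  ssl_origin_server_other_errors_stat,
  ssl_user_agent_other_errors_stat,
  ssl_origin_server_unknown_ca_stat,
  ssl_user_agent_unknown_ca_stat,

  /* Client-side sessions and handshakes. */
  ssl_user_agent_sessions_stat,
  ssl_user_agent_session_hit_stat,
  ssl_user_agent_session_miss_stat,
  ssl_user_agent_session_timeout_stat,
  ssl_total_handshake_time_stat,
  ssl_total_attempts_handshake_count_in_stat,
  ssl_total_success_handshake_count_in_stat,

  /* Session tickets and ticket keys. */
  ssl_total_tickets_created_stat,
  ssl_total_tickets_verified_stat,
  ssl_total_tickets_verified_old_key_stat, // verified with old key.
  ssl_total_ticket_keys_renewed_stat,      // number of keys renewed.
  ssl_total_tickets_not_found_stat,
  ssl_total_tickets_renewed_stat,

  /* Dynamic TLS record sizing. */
  ssl_total_dyn_def_tls_record_count,
  ssl_total_dyn_max_tls_record_count,
  ssl_total_dyn_redo_tls_record_count,

  /* Session cache. */
  ssl_session_cache_hit,
  ssl_session_cache_miss,
  ssl_session_cache_eviction,
  ssl_session_cache_lock_contention,
  ssl_session_cache_new_session,

  // How many times we received early data. TLS 1.3 early data can be replayed
  // by design, so this is worth tracking wherever early data is enabled.
  ssl_early_data_received_count,

  /* error stats */
  ssl_error_syscall,
  ssl_error_ssl,
  ssl_error_async,
  ssl_sni_name_set_failure,
  ssl_total_attempts_handshake_count_out_stat,
  ssl_total_success_handshake_count_out_stat,

  /* ocsp stapling stats */
  ssl_ocsp_revoked_cert_stat,
  ssl_ocsp_unknown_cert_stat,
  ssl_ocsp_refreshed_cert_stat,
  ssl_ocsp_refresh_cert_failure_stat,

  /* SSL/TLS versions. SSLv3, TLS 1.0 and TLS 1.1 are deprecated protocol
   * versions, so non-zero values in the first three counters show peers that
   * still negotiate them. */
  ssl_total_sslv3,
  ssl_total_tlsv1,
  ssl_total_tlsv11,
  ssl_total_tlsv12,
  ssl_total_tlsv13,

  // One past the last named stat. Add new named stats above this line; it is
  // not a stat itself and exists only for the range check below.
  ssl_named_stats_end,

  ssl_cipher_stats_start = 100,
  ssl_cipher_stats_end   = 300,

  // One past ssl_cipher_stats_end; by name, the size of the whole id space.
  Ssl_Stat_Count
};

static_assert(ssl_named_stats_end <= ssl_cipher_stats_start,
              "named SSL stats overlap the id range reserved by ssl_cipher_stats_start");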
115 
// Raw-stat block that every SSL_*_DYN_STAT macro in this header reads and
// updates. Defined elsewhere; NOTE(review): presumably it is set up by
// SSLInitializeStatistics() and must not be used before that call. Confirm.
extern RecRawStatBlock *ssl_rsb;
// Global map from a string key to an intptr_t value. Presumably the key is a
// cipher name and the value a stat id in the ssl_cipher_stats_start to
// ssl_cipher_stats_end range; verify against the definition.
// Look entries up with find(): operator[] on a missing key inserts 0, and 0
// is the id of ssl_origin_server_expired_cert_stat, so a miss would be
// counted against the wrong stat. Nothing here shows any locking, so treat
// concurrent modification as unsafe unless the definition says otherwise.
extern std::unordered_map<std::string, intptr_t> cipher_map;

// Initialize SSL statistics.
// Only the declaration is visible here; the stats it registers and any
// ordering requirements are defined with the implementation.
void SSLInitializeStatistics();
121