Skip to content

T
Third Party Openssl

OpenHarmony / Third Party Openssl
10 个月 前同步成功

通知 8
Star 18
Fork 1
T
Third Party Openssl

前往新版Gitcode,体验更适合开发者的 AI 搜索 >>

提交 63c574f6 编写于 作者: R Rich Salz
浏览文件
操作

OPENSSL_NO_XXX cleanup: OPENSSL_NO_BUF_FREELISTS 

Remove OPENSSL_NO_BUF_FREELISTS. This was turned on by default,
so the work here is removing the 'maintain our own freelist' code.
Also removed a minor old Windows-multibyte/widechar conversion flag.
Reviewed-by: NAndy Polyakov <appro@openssl.org>
上级 daa48704
隐藏空白更改
内联 并排
Showing with 6 addition and 141 deletion
crypto/cryptlib.c
浏览文件 @ 63c574f6
......@@ -365,12 +365,9 @@ void OPENSSL_showfatal(const char *fmta, ...)
fmt = (const TCHAR *)L"no stack?";
break;
}
# ifndef OPENSSL_NO_MULTIBYTE
if (!MultiByteToWideChar(CP_ACP, 0, fmta, len_0, fmtw, len_0))
# endif
for (i = 0; i < len_0; i++)
fmtw[i] = (WCHAR)fmta[i];
for (i = 0; i < len_0; i++) {
if (fmtw[i] == L'%')
do {
......
doc/ssl/SSL_CTX_set_mode.pod
浏览文件 @ 63c574f6
......@@ -64,10 +64,8 @@ return after the handshake and successful completion.
=item SSL_MODE_RELEASE_BUFFERS
When we no longer need a read buffer or a write buffer for a given SSL,
then release the memory we were using to hold it. Released memory is
either appended to a list of unused RAM chunks on the SSL_CTX, or simply
freed if the list of unused chunks would become longer than
SSL_CTX->freelist_max_len, which defaults to 32. Using this flag can
then release the memory we were using to hold it.
Using this flag can
save around 34k per idle SSL connection.
This flag has no effect on SSL v2 connections, or on DTLS connections.
......
ssl/s3_both.c
浏览文件 @ 63c574f6
......@@ -566,76 +566,6 @@ int ssl_verify_alarm_type(long type)
return (al);
}
#ifndef OPENSSL_NO_BUF_FREELISTS
/*-
* On some platforms, malloc() performance is bad enough that you can't just
* free() and malloc() buffers all the time, so we need to use freelists from
* unused buffers. Currently, each freelist holds memory chunks of only a
* given size (list->chunklen); other sized chunks are freed and malloced.
* This doesn't help much if you're using many different SSL option settings
* with a given context. (The options affecting buffer size are
* max_send_fragment, read buffer vs write buffer,
* SSL_OP_MICROSOFT_BIG_WRITE_BUFFER, SSL_OP_NO_COMPRESSION, and
* SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.) Using a separate freelist for every
* possible size is not an option, since max_send_fragment can take on many
* different values.
*
* If you are on a platform with a slow malloc(), and you're using SSL
* connections with many different settings for these options, and you need to
* use the SSL_MOD_RELEASE_BUFFERS feature, you have a few options:
* - Link against a faster malloc implementation.
* - Use a separate SSL_CTX for each option set.
* - Improve this code.
*/
static void *freelist_extract(SSL_CTX *ctx, int for_read, int sz)
{
SSL3_BUF_FREELIST *list;
SSL3_BUF_FREELIST_ENTRY *ent = NULL;
void *result = NULL;
CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
if (list != NULL && sz == (int)list->chunklen)
ent = list->head;
if (ent != NULL) {
list->head = ent->next;
result = ent;
if (--list->len == 0)
list->chunklen = 0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
if (!result)
result = OPENSSL_malloc(sz);
return result;
}
static void freelist_insert(SSL_CTX *ctx, int for_read, size_t sz, void *mem)
{
SSL3_BUF_FREELIST *list;
SSL3_BUF_FREELIST_ENTRY *ent;
CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
if (list != NULL &&
(sz == list->chunklen || list->chunklen == 0) &&
list->len < ctx->freelist_max_len && sz >= sizeof(*ent)) {
list->chunklen = sz;
ent = mem;
ent->next = list->head;
list->head = ent;
++list->len;
mem = NULL;
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
if (mem)
OPENSSL_free(mem);
}
#else
# define freelist_extract(c,fr,sz) OPENSSL_malloc(sz)
# define freelist_insert(c,fr,sz,m) OPENSSL_free(m)
#endif
int ssl3_setup_read_buffer(SSL *s)
{
unsigned char *p;
......@@ -661,7 +591,7 @@ int ssl3_setup_read_buffer(SSL *s)
if (ssl_allow_compression(s))
len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
#endif
if ((p = freelist_extract(s->ctx, 1, len)) == NULL)
if ((p = OPENSSL_malloc(len)) == NULL)
goto err;
s->s3->rbuf.buf = p;
s->s3->rbuf.len = len;
......@@ -699,7 +629,7 @@ int ssl3_setup_write_buffer(SSL *s)
if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
len += headerlen + align + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
if ((p = freelist_extract(s->ctx, 0, len)) == NULL)
if ((p = OPENSSL_malloc(len)) == NULL)
goto err;
s->s3->wbuf.buf = p;
s->s3->wbuf.len = len;
......@@ -724,7 +654,7 @@ int ssl3_setup_buffers(SSL *s)
int ssl3_release_write_buffer(SSL *s)
{
if (s->s3->wbuf.buf != NULL) {
freelist_insert(s->ctx, 0, s->s3->wbuf.len, s->s3->wbuf.buf);
OPENSSL_free(s->s3->wbuf.buf);
s->s3->wbuf.buf = NULL;
}
return 1;
......@@ -733,7 +663,7 @@ int ssl3_release_write_buffer(SSL *s)
int ssl3_release_read_buffer(SSL *s)
{
if (s->s3->rbuf.buf != NULL) {
freelist_insert(s->ctx, 1, s->s3->rbuf.len, s->s3->rbuf.buf);
OPENSSL_free(s->s3->rbuf.buf);
s->s3->rbuf.buf = NULL;
}
return 1;
......
ssl/ssl.h
浏览文件 @ 63c574f6
......@@ -1083,12 +1083,6 @@ struct ssl_ctx_st {
unsigned int max_psk_len);
# endif
# ifndef OPENSSL_NO_BUF_FREELISTS
# define SSL_MAX_BUF_FREELIST_LEN_DEFAULT 32
unsigned int freelist_max_len;
struct ssl3_buf_freelist_st *wbuf_freelist;
struct ssl3_buf_freelist_st *rbuf_freelist;
# endif
# ifndef OPENSSL_NO_SRP
SRP_CTX srp_ctx; /* ctx for SRP authentication */
# endif
......
ssl/ssl_lib.c
浏览文件 @ 63c574f6
......@@ -2008,23 +2008,6 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
#ifndef OPENSSL_NO_SRP
SSL_CTX_SRP_CTX_init(ret);
#endif
#ifndef OPENSSL_NO_BUF_FREELISTS
ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
if (!ret->rbuf_freelist)
goto err;
ret->rbuf_freelist->chunklen = 0;
ret->rbuf_freelist->len = 0;
ret->rbuf_freelist->head = NULL;
ret->wbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
if (!ret->wbuf_freelist) {
OPENSSL_free(ret->rbuf_freelist);
goto err;
}
ret->wbuf_freelist->chunklen = 0;
ret->wbuf_freelist->len = 0;
ret->wbuf_freelist->head = NULL;
#endif
#ifndef OPENSSL_NO_ENGINE
ret->client_cert_engine = NULL;
# ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
......@@ -2059,25 +2042,6 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
return (NULL);
}
#if 0
static void SSL_COMP_free(SSL_COMP *comp)
{
OPENSSL_free(comp);
}
#endif
#ifndef OPENSSL_NO_BUF_FREELISTS
static void ssl_buf_freelist_free(SSL3_BUF_FREELIST *list)
{
SSL3_BUF_FREELIST_ENTRY *ent, *next;
for (ent = list->head; ent; ent = next) {
next = ent->next;
OPENSSL_free(ent);
}
OPENSSL_free(list);
}
#endif
void SSL_CTX_free(SSL_CTX *a)
{
int i;
......@@ -2155,12 +2119,6 @@ void SSL_CTX_free(SSL_CTX *a)
ENGINE_finish(a->client_cert_engine);
#endif
#ifndef OPENSSL_NO_BUF_FREELISTS
if (a->wbuf_freelist)
ssl_buf_freelist_free(a->wbuf_freelist);
if (a->rbuf_freelist)
ssl_buf_freelist_free(a->rbuf_freelist);
#endif
#ifndef OPENSSL_NO_TLSEXT
# ifndef OPENSSL_NO_EC
if (a->tlsext_ecpointformatlist)
......
ssl/ssl_locl.h
浏览文件 @ 63c574f6
......@@ -833,18 +833,6 @@ typedef struct ssl3_comp_st {
} SSL3_COMP;
# endif
# ifndef OPENSSL_NO_BUF_FREELISTS
typedef struct ssl3_buf_freelist_st {
size_t chunklen;
unsigned int len;
struct ssl3_buf_freelist_entry_st *head;
} SSL3_BUF_FREELIST;
typedef struct ssl3_buf_freelist_entry_st {
struct ssl3_buf_freelist_entry_st *next;
} SSL3_BUF_FREELIST_ENTRY;
# endif
extern SSL3_ENC_METHOD ssl3_undef_enc_method;
OPENSSL_EXTERN const SSL_CIPHER ssl3_ciphers[];
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册