mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-04 23:43:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

OPENSSL_NO_XXX cleanup: OPENSSL_NO_BUF_FREELISTS

Browse Source 
Remove OPENSSL_NO_BUF_FREELISTS. This was turned on by default,
so the work here is removing the 'maintain our own freelist' code.
Also removed a minor old Windows-multibyte/widechar conversion flag.

Reviewed-by: Andy Polyakov <appro@openssl.org>
This commit is contained in:
Rich Salz 2015-01-27 16:43:53 -05:00
parent daa48704cc
commit 63c574f6a6
6 changed files with 6 additions and 141 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
crypto/cryptlib.c
View File

@ -365,12 +365,9 @@ void OPENSSL_showfatal(const char *fmta, ...)
fmt = (const TCHAR *)L"no stack?";
break;
}
# ifndef OPENSSL_NO_MULTIBYTE
if (!MultiByteToWideChar(CP_ACP, 0, fmta, len_0, fmtw, len_0))
# endif
for (i = 0; i < len_0; i++)
fmtw[i] = (WCHAR)fmta[i];
for (i = 0; i < len_0; i++) {
if (fmtw[i] == L'%')
do {

6
doc/ssl/SSL_CTX_set_mode.pod
View File

@ -64,10 +64,8 @@ return after the handshake and successful completion.
=item SSL_MODE_RELEASE_BUFFERS
When we no longer need a read buffer or a write buffer for a given SSL,
then release the memory we were using to hold it. Released memory is
either appended to a list of unused RAM chunks on the SSL_CTX, or simply
freed if the list of unused chunks would become longer than
SSL_CTX->freelist_max_len, which defaults to 32. Using this flag can
then release the memory we were using to hold it.
Using this flag can
save around 34k per idle SSL connection.
This flag has no effect on SSL v2 connections, or on DTLS connections.

78
ssl/s3_both.c
View File

@ -566,76 +566,6 @@ int ssl_verify_alarm_type(long type)
return (al);
}
#ifndef OPENSSL_NO_BUF_FREELISTS
/*-
* On some platforms, malloc() performance is bad enough that you can't just
* free() and malloc() buffers all the time, so we need to use freelists from
* unused buffers. Currently, each freelist holds memory chunks of only a
* given size (list->chunklen); other sized chunks are freed and malloced.
* This doesn't help much if you're using many different SSL option settings
* with a given context. (The options affecting buffer size are
* max_send_fragment, read buffer vs write buffer,
* SSL_OP_MICROSOFT_BIG_WRITE_BUFFER, SSL_OP_NO_COMPRESSION, and
* SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.) Using a separate freelist for every
* possible size is not an option, since max_send_fragment can take on many
* different values.
*
* If you are on a platform with a slow malloc(), and you're using SSL
* connections with many different settings for these options, and you need to
* use the SSL_MOD_RELEASE_BUFFERS feature, you have a few options:
* - Link against a faster malloc implementation.
* - Use a separate SSL_CTX for each option set.
* - Improve this code.
*/
static void *freelist_extract(SSL_CTX *ctx, int for_read, int sz)
{
SSL3_BUF_FREELIST *list;
SSL3_BUF_FREELIST_ENTRY *ent = NULL;
void *result = NULL;
CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
if (list != NULL && sz == (int)list->chunklen)
ent = list->head;
if (ent != NULL) {
list->head = ent->next;
result = ent;
if (--list->len == 0)
list->chunklen = 0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
if (!result)
result = OPENSSL_malloc(sz);
return result;
}
static void freelist_insert(SSL_CTX *ctx, int for_read, size_t sz, void *mem)
{
SSL3_BUF_FREELIST *list;
SSL3_BUF_FREELIST_ENTRY *ent;
CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
if (list != NULL &&
(sz == list->chunklen || list->chunklen == 0) &&
list->len < ctx->freelist_max_len && sz >= sizeof(*ent)) {
list->chunklen = sz;
ent = mem;
ent->next = list->head;
list->head = ent;
++list->len;
mem = NULL;
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
if (mem)
OPENSSL_free(mem);
}
#else
# define freelist_extract(c,fr,sz) OPENSSL_malloc(sz)
# define freelist_insert(c,fr,sz,m) OPENSSL_free(m)
#endif
int ssl3_setup_read_buffer(SSL *s)
{
unsigned char *p;
@ -661,7 +591,7 @@ int ssl3_setup_read_buffer(SSL *s)
if (ssl_allow_compression(s))
len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
#endif
if ((p = freelist_extract(s->ctx, 1, len)) == NULL)
if ((p = OPENSSL_malloc(len)) == NULL)
goto err;
s->s3->rbuf.buf = p;
s->s3->rbuf.len = len;
@ -699,7 +629,7 @@ int ssl3_setup_write_buffer(SSL *s)
if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
len += headerlen + align + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
if ((p = freelist_extract(s->ctx, 0, len)) == NULL)
if ((p = OPENSSL_malloc(len)) == NULL)
goto err;
s->s3->wbuf.buf = p;
s->s3->wbuf.len = len;
@ -724,7 +654,7 @@ int ssl3_setup_buffers(SSL *s)
int ssl3_release_write_buffer(SSL *s)
{
if (s->s3->wbuf.buf != NULL) {
freelist_insert(s->ctx, 0, s->s3->wbuf.len, s->s3->wbuf.buf);
OPENSSL_free(s->s3->wbuf.buf);
s->s3->wbuf.buf = NULL;
}
return 1;
@ -733,7 +663,7 @@ int ssl3_release_write_buffer(SSL *s)
int ssl3_release_read_buffer(SSL *s)
{
if (s->s3->rbuf.buf != NULL) {
freelist_insert(s->ctx, 1, s->s3->rbuf.len, s->s3->rbuf.buf);
OPENSSL_free(s->s3->rbuf.buf);
s->s3->rbuf.buf = NULL;
}
return 1;

6
ssl/ssl.h
View File

@ -1083,12 +1083,6 @@ struct ssl_ctx_st {
unsigned int max_psk_len);
# endif
# ifndef OPENSSL_NO_BUF_FREELISTS
# define SSL_MAX_BUF_FREELIST_LEN_DEFAULT 32
unsigned int freelist_max_len;
struct ssl3_buf_freelist_st *wbuf_freelist;
struct ssl3_buf_freelist_st *rbuf_freelist;
# endif
# ifndef OPENSSL_NO_SRP
SRP_CTX srp_ctx; /* ctx for SRP authentication */
# endif

42
ssl/ssl_lib.c
View File

@ -2008,23 +2008,6 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
#ifndef OPENSSL_NO_SRP
SSL_CTX_SRP_CTX_init(ret);
#endif
#ifndef OPENSSL_NO_BUF_FREELISTS
ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
if (!ret->rbuf_freelist)
goto err;
ret->rbuf_freelist->chunklen = 0;
ret->rbuf_freelist->len = 0;
ret->rbuf_freelist->head = NULL;
ret->wbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
if (!ret->wbuf_freelist) {
OPENSSL_free(ret->rbuf_freelist);
goto err;
}
ret->wbuf_freelist->chunklen = 0;
ret->wbuf_freelist->len = 0;
ret->wbuf_freelist->head = NULL;
#endif
#ifndef OPENSSL_NO_ENGINE
ret->client_cert_engine = NULL;
# ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
@ -2059,25 +2042,6 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
return (NULL);
}
#if 0
static void SSL_COMP_free(SSL_COMP *comp)
{
OPENSSL_free(comp);
}
#endif
#ifndef OPENSSL_NO_BUF_FREELISTS
static void ssl_buf_freelist_free(SSL3_BUF_FREELIST *list)
{
SSL3_BUF_FREELIST_ENTRY *ent, *next;
for (ent = list->head; ent; ent = next) {
next = ent->next;
OPENSSL_free(ent);
}
OPENSSL_free(list);
}
#endif
void SSL_CTX_free(SSL_CTX *a)
{
int i;
@ -2155,12 +2119,6 @@ void SSL_CTX_free(SSL_CTX *a)
ENGINE_finish(a->client_cert_engine);
#endif
#ifndef OPENSSL_NO_BUF_FREELISTS
if (a->wbuf_freelist)
ssl_buf_freelist_free(a->wbuf_freelist);
if (a->rbuf_freelist)
ssl_buf_freelist_free(a->rbuf_freelist);
#endif
#ifndef OPENSSL_NO_TLSEXT
# ifndef OPENSSL_NO_EC
if (a->tlsext_ecpointformatlist)

12
ssl/ssl_locl.h
View File

@ -833,18 +833,6 @@ typedef struct ssl3_comp_st {
} SSL3_COMP;
# endif
# ifndef OPENSSL_NO_BUF_FREELISTS
typedef struct ssl3_buf_freelist_st {
size_t chunklen;
unsigned int len;
struct ssl3_buf_freelist_entry_st *head;
} SSL3_BUF_FREELIST;
typedef struct ssl3_buf_freelist_entry_st {
struct ssl3_buf_freelist_entry_st *next;
} SSL3_BUF_FREELIST_ENTRY;
# endif
extern SSL3_ENC_METHOD ssl3_undef_enc_method;
OPENSSL_EXTERN const SSL_CIPHER ssl3_ciphers[];