[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Tue Jan 27 21:44:48 UTC 2015


The branch master has been updated
       via  63c574f6a639cfa3f53476080054526e6bfa3bc9 (commit)
      from  daa48704cc04c61cf8f3e74759a7a3139b6aff01 (commit)


- Log -----------------------------------------------------------------
commit 63c574f6a639cfa3f53476080054526e6bfa3bc9
Author: Rich Salz <rsalz at openssl.org>
Date:   Tue Jan 27 16:43:53 2015 -0500

    OPENSSL_NO_XXX cleanup: OPENSSL_NO_BUF_FREELISTS
    
    Remove OPENSSL_NO_BUF_FREELISTS. This was turned on by default,
    so the work here is removing the 'maintain our own freelist' code.
    Also removed a minor old Windows-multibyte/widechar conversion flag.
    
    Reviewed-by: Andy Polyakov <appro at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 crypto/cryptlib.c            |    3 --
 doc/ssl/SSL_CTX_set_mode.pod |    6 ++--
 ssl/s3_both.c                |   78 +++---------------------------------------
 ssl/ssl.h                    |    6 ----
 ssl/ssl_lib.c                |   42 -----------------------
 ssl/ssl_locl.h               |   12 -------
 6 files changed, 6 insertions(+), 141 deletions(-)

diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c
index 6597af6..ce07b84 100644
--- a/crypto/cryptlib.c
+++ b/crypto/cryptlib.c
@@ -365,12 +365,9 @@ void OPENSSL_showfatal(const char *fmta, ...)
                 fmt = (const TCHAR *)L"no stack?";
                 break;
             }
-# ifndef OPENSSL_NO_MULTIBYTE
             if (!MultiByteToWideChar(CP_ACP, 0, fmta, len_0, fmtw, len_0))
-# endif
                 for (i = 0; i < len_0; i++)
                     fmtw[i] = (WCHAR)fmta[i];
-
             for (i = 0; i < len_0; i++) {
                 if (fmtw[i] == L'%')
                     do {
diff --git a/doc/ssl/SSL_CTX_set_mode.pod b/doc/ssl/SSL_CTX_set_mode.pod
index 2a5aaa5..a109f34 100644
--- a/doc/ssl/SSL_CTX_set_mode.pod
+++ b/doc/ssl/SSL_CTX_set_mode.pod
@@ -64,10 +64,8 @@ return after the handshake and successful completion.
 =item SSL_MODE_RELEASE_BUFFERS
 
 When we no longer need a read buffer or a write buffer for a given SSL,
-then release the memory we were using to hold it.  Released memory is
-either appended to a list of unused RAM chunks on the SSL_CTX, or simply
-freed if the list of unused chunks would become longer than 
-SSL_CTX->freelist_max_len, which defaults to 32.  Using this flag can
+then release the memory we were using to hold it.
+Using this flag can
 save around 34k per idle SSL connection.
 This flag has no effect on SSL v2 connections, or on DTLS connections.
 
diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index 50aa428..de49e64 100644
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c
@@ -566,76 +566,6 @@ int ssl_verify_alarm_type(long type)
     return (al);
 }
 
-#ifndef OPENSSL_NO_BUF_FREELISTS
-/*-
- * On some platforms, malloc() performance is bad enough that you can't just
- * free() and malloc() buffers all the time, so we need to use freelists from
- * unused buffers.  Currently, each freelist holds memory chunks of only a
- * given size (list->chunklen); other sized chunks are freed and malloced.
- * This doesn't help much if you're using many different SSL option settings
- * with a given context.  (The options affecting buffer size are
- * max_send_fragment, read buffer vs write buffer,
- * SSL_OP_MICROSOFT_BIG_WRITE_BUFFER, SSL_OP_NO_COMPRESSION, and
- * SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.)  Using a separate freelist for every
- * possible size is not an option, since max_send_fragment can take on many
- * different values.
- *
- * If you are on a platform with a slow malloc(), and you're using SSL
- * connections with many different settings for these options, and you need to
- * use the SSL_MOD_RELEASE_BUFFERS feature, you have a few options:
- *    - Link against a faster malloc implementation.
- *    - Use a separate SSL_CTX for each option set.
- *    - Improve this code.
- */
-static void *freelist_extract(SSL_CTX *ctx, int for_read, int sz)
-{
-    SSL3_BUF_FREELIST *list;
-    SSL3_BUF_FREELIST_ENTRY *ent = NULL;
-    void *result = NULL;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-    list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
-    if (list != NULL && sz == (int)list->chunklen)
-        ent = list->head;
-    if (ent != NULL) {
-        list->head = ent->next;
-        result = ent;
-        if (--list->len == 0)
-            list->chunklen = 0;
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-    if (!result)
-        result = OPENSSL_malloc(sz);
-    return result;
-}
-
-static void freelist_insert(SSL_CTX *ctx, int for_read, size_t sz, void *mem)
-{
-    SSL3_BUF_FREELIST *list;
-    SSL3_BUF_FREELIST_ENTRY *ent;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-    list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
-    if (list != NULL &&
-        (sz == list->chunklen || list->chunklen == 0) &&
-        list->len < ctx->freelist_max_len && sz >= sizeof(*ent)) {
-        list->chunklen = sz;
-        ent = mem;
-        ent->next = list->head;
-        list->head = ent;
-        ++list->len;
-        mem = NULL;
-    }
-
-    CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-    if (mem)
-        OPENSSL_free(mem);
-}
-#else
-# define freelist_extract(c,fr,sz) OPENSSL_malloc(sz)
-# define freelist_insert(c,fr,sz,m) OPENSSL_free(m)
-#endif
-
 int ssl3_setup_read_buffer(SSL *s)
 {
     unsigned char *p;
@@ -661,7 +591,7 @@ int ssl3_setup_read_buffer(SSL *s)
         if (ssl_allow_compression(s))
             len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
 #endif
-        if ((p = freelist_extract(s->ctx, 1, len)) == NULL)
+        if ((p = OPENSSL_malloc(len)) == NULL)
             goto err;
         s->s3->rbuf.buf = p;
         s->s3->rbuf.len = len;
@@ -699,7 +629,7 @@ int ssl3_setup_write_buffer(SSL *s)
         if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
             len += headerlen + align + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
 
-        if ((p = freelist_extract(s->ctx, 0, len)) == NULL)
+        if ((p = OPENSSL_malloc(len)) == NULL)
             goto err;
         s->s3->wbuf.buf = p;
         s->s3->wbuf.len = len;
@@ -724,7 +654,7 @@ int ssl3_setup_buffers(SSL *s)
 int ssl3_release_write_buffer(SSL *s)
 {
     if (s->s3->wbuf.buf != NULL) {
-        freelist_insert(s->ctx, 0, s->s3->wbuf.len, s->s3->wbuf.buf);
+        OPENSSL_free(s->s3->wbuf.buf);
         s->s3->wbuf.buf = NULL;
     }
     return 1;
@@ -733,7 +663,7 @@ int ssl3_release_write_buffer(SSL *s)
 int ssl3_release_read_buffer(SSL *s)
 {
     if (s->s3->rbuf.buf != NULL) {
-        freelist_insert(s->ctx, 1, s->s3->rbuf.len, s->s3->rbuf.buf);
+        OPENSSL_free(s->s3->rbuf.buf);
         s->s3->rbuf.buf = NULL;
     }
     return 1;
diff --git a/ssl/ssl.h b/ssl/ssl.h
index a0025e6..6809fd6 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1083,12 +1083,6 @@ struct ssl_ctx_st {
                                          unsigned int max_psk_len);
 #  endif
 
-#  ifndef OPENSSL_NO_BUF_FREELISTS
-#   define SSL_MAX_BUF_FREELIST_LEN_DEFAULT 32
-    unsigned int freelist_max_len;
-    struct ssl3_buf_freelist_st *wbuf_freelist;
-    struct ssl3_buf_freelist_st *rbuf_freelist;
-#  endif
 #  ifndef OPENSSL_NO_SRP
     SRP_CTX srp_ctx;            /* ctx for SRP authentication */
 #  endif
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index d777935..59a871c 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2008,23 +2008,6 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
 #ifndef OPENSSL_NO_SRP
     SSL_CTX_SRP_CTX_init(ret);
 #endif
-#ifndef OPENSSL_NO_BUF_FREELISTS
-    ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
-    ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
-    if (!ret->rbuf_freelist)
-        goto err;
-    ret->rbuf_freelist->chunklen = 0;
-    ret->rbuf_freelist->len = 0;
-    ret->rbuf_freelist->head = NULL;
-    ret->wbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
-    if (!ret->wbuf_freelist) {
-        OPENSSL_free(ret->rbuf_freelist);
-        goto err;
-    }
-    ret->wbuf_freelist->chunklen = 0;
-    ret->wbuf_freelist->len = 0;
-    ret->wbuf_freelist->head = NULL;
-#endif
 #ifndef OPENSSL_NO_ENGINE
     ret->client_cert_engine = NULL;
 # ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
@@ -2059,25 +2042,6 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
     return (NULL);
 }
 
-#if 0
-static void SSL_COMP_free(SSL_COMP *comp)
-{
-    OPENSSL_free(comp);
-}
-#endif
-
-#ifndef OPENSSL_NO_BUF_FREELISTS
-static void ssl_buf_freelist_free(SSL3_BUF_FREELIST *list)
-{
-    SSL3_BUF_FREELIST_ENTRY *ent, *next;
-    for (ent = list->head; ent; ent = next) {
-        next = ent->next;
-        OPENSSL_free(ent);
-    }
-    OPENSSL_free(list);
-}
-#endif
-
 void SSL_CTX_free(SSL_CTX *a)
 {
     int i;
@@ -2155,12 +2119,6 @@ void SSL_CTX_free(SSL_CTX *a)
         ENGINE_finish(a->client_cert_engine);
 #endif
 
-#ifndef OPENSSL_NO_BUF_FREELISTS
-    if (a->wbuf_freelist)
-        ssl_buf_freelist_free(a->wbuf_freelist);
-    if (a->rbuf_freelist)
-        ssl_buf_freelist_free(a->rbuf_freelist);
-#endif
 #ifndef OPENSSL_NO_TLSEXT
 # ifndef OPENSSL_NO_EC
     if (a->tlsext_ecpointformatlist)
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index fcf5f8d..f3ce460 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -833,18 +833,6 @@ typedef struct ssl3_comp_st {
 } SSL3_COMP;
 # endif
 
-# ifndef OPENSSL_NO_BUF_FREELISTS
-typedef struct ssl3_buf_freelist_st {
-    size_t chunklen;
-    unsigned int len;
-    struct ssl3_buf_freelist_entry_st *head;
-} SSL3_BUF_FREELIST;
-
-typedef struct ssl3_buf_freelist_entry_st {
-    struct ssl3_buf_freelist_entry_st *next;
-} SSL3_BUF_FREELIST_ENTRY;
-# endif
-
 extern SSL3_ENC_METHOD ssl3_undef_enc_method;
 OPENSSL_EXTERN const SSL_CIPHER ssl3_ciphers[];
 


More information about the openssl-commits mailing list