Always enable SSL_MODE_RELEASE_BUFFERS.
There's no real need to ever disable it, so this is one fewer configuration to test. It's still disabled for DTLS, but a follow-up will resolve that. Change-Id: Ia95ad8c17ae8236ada516b3968a81c684bf37fd9 Reviewed-on: https://boringssl-review.googlesource.com/4683 Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
parent
c561aa64b6
commit
aebefed905
@ -523,14 +523,11 @@ struct ssl_session_st {
|
||||
#define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
|
||||
/* Don't attempt to automatically build certificate chain */
|
||||
#define SSL_MODE_NO_AUTO_CHAIN 0x00000008L
|
||||
/* Save RAM by releasing read and write buffers when they're empty. (SSL3 and
|
||||
* TLS only.) "Released" buffers are put onto a free-list in the context or
|
||||
* just freed (depending on the context's setting for freelist_max_len). */
|
||||
#define SSL_MODE_RELEASE_BUFFERS 0x00000010L
|
||||
|
||||
/* The following flags do nothing and are included only to make it easier to
|
||||
* compile code with BoringSSL. */
|
||||
#define SSL_MODE_AUTO_RETRY 0
|
||||
#define SSL_MODE_RELEASE_BUFFERS 0
|
||||
|
||||
/* Send the current time in the Random fields of the ClientHello and
|
||||
* ServerHello records for compatibility with hypothetical implementations that
|
||||
|
11
ssl/s3_pkt.c
11
ssl/s3_pkt.c
@ -232,8 +232,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend) {
|
||||
|
||||
if (i <= 0) {
|
||||
rb->left = left;
|
||||
if (s->mode & SSL_MODE_RELEASE_BUFFERS && !SSL_IS_DTLS(s) &&
|
||||
len + left == 0) {
|
||||
if (!SSL_IS_DTLS(s) && len + left == 0) {
|
||||
ssl3_release_read_buffer(s);
|
||||
}
|
||||
return i;
|
||||
@ -673,15 +672,15 @@ int ssl3_write_pending(SSL *s, int type, const uint8_t *buf, unsigned int len) {
|
||||
if (i == wb->left) {
|
||||
wb->left = 0;
|
||||
wb->offset += i;
|
||||
if (s->mode & SSL_MODE_RELEASE_BUFFERS && !SSL_IS_DTLS(s)) {
|
||||
if (!SSL_IS_DTLS(s)) {
|
||||
ssl3_release_write_buffer(s);
|
||||
}
|
||||
s->rwstate = SSL_NOTHING;
|
||||
return s->s3->wpend_ret;
|
||||
} else if (i <= 0) {
|
||||
if (SSL_IS_DTLS(s)) {
|
||||
/* For DTLS, just drop it. That's kind of the whole
|
||||
point in using a datagram service */
|
||||
/* For DTLS, just drop it. That's kind of the whole point in
|
||||
* using a datagram service */
|
||||
wb->left = 0;
|
||||
}
|
||||
return i;
|
||||
@ -868,7 +867,7 @@ start:
|
||||
if (rr->length == 0) {
|
||||
s->rstate = SSL_ST_READ_HEADER;
|
||||
rr->off = 0;
|
||||
if (s->mode & SSL_MODE_RELEASE_BUFFERS && s->s3->rbuf.left == 0) {
|
||||
if (s->s3->rbuf.left == 0) {
|
||||
ssl3_release_read_buffer(s);
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user