
Always enable SSL_MODE_RELEASE_BUFFERS.

There's no real need to ever disable it, so this is one fewer configuration to
test. It's still disabled for DTLS, but a follow-up will resolve that.

Change-Id: Ia95ad8c17ae8236ada516b3968a81c684bf37fd9
Reviewed-on: https://boringssl-review.googlesource.com/4683
Reviewed-by: Adam Langley <agl@google.com>
kris/onging/CECPQ3_patch15
David Benjamin há 9 anos
committed by Adam Langley
ascendente
cometimento
aebefed905
2 ficheiros alterados com 6 adições e 10 eliminações
  1. +1
    -4
      include/openssl/ssl.h
  2. +5
    -6
      ssl/s3_pkt.c

+ 1
- 4
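--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -523,14 +523,11 @@ struct ssl_session_st {
 #define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
 /* Don't attempt to automatically build certificate chain */
 #define SSL_MODE_NO_AUTO_CHAIN 0x00000008L
-/* Save RAM by releasing read and write buffers when they're empty. (SSL3 and
-* TLS only.) "Released" buffers are put onto a free-list in the context or
-* just freed (depending on the context's setting for freelist_max_len). */
-#define SSL_MODE_RELEASE_BUFFERS 0x00000010L
 
 /* The following flags do nothing and are included only to make it easier to
 * compile code with BoringSSL. */
 #define SSL_MODE_AUTO_RETRY 0
+#define SSL_MODE_RELEASE_BUFFERS 0
 
 /* Send the current time in the Random fields of the ClientHello and
 * ServerHello records for compatibility with hypothetical implementations that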
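Review bot: `SSL_MODE_RELEASE_BUFFERS` now sits under the comment saying these flags "do nothing", and the removed comment was the only description of the release behaviour, so a reader of the header could conclude that buffers are never released. The s3_pkt.c part of this commit makes the release unconditional for TLS, so I would say so next to the define, e.g. `/* SSL_MODE_RELEASE_BUFFERS is ignored: empty read and write buffers are always released (not yet for DTLS). */`. Callers that test the bit, as in `SSL_get_mode(ssl) & SSL_MODE_RELEASE_BUFFERS`, will now always see zero, so the comment should not suggest the mode can be queried.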


+ 5
- 6
ssl/s3_pkt.c

@@ -232,8 +232,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend) {

if (i <= 0) {
rb->left = left;
if (s->mode & SSL_MODE_RELEASE_BUFFERS && !SSL_IS_DTLS(s) &&
len + left == 0) {
if (!SSL_IS_DTLS(s) && len + left == 0) {
ssl3_release_read_buffer(s);
}
return i;
@@ -673,15 +672,15 @@ int ssl3_write_pending(SSL *s, int type, const uint8_t *buf, unsigned int len) {
if (i == wb->left) {
wb->left = 0;
wb->offset += i;
if (s->mode & SSL_MODE_RELEASE_BUFFERS && !SSL_IS_DTLS(s)) {
if (!SSL_IS_DTLS(s)) {
ssl3_release_write_buffer(s);
}
s->rwstate = SSL_NOTHING;
return s->s3->wpend_ret;
} else if (i <= 0) {
if (SSL_IS_DTLS(s)) {
/* For DTLS, just drop it. That's kind of the whole
point in using a datagram service */
/* For DTLS, just drop it. That's kind of the whole point in
* using a datagram service */
wb->left = 0;
}
return i;
@@ -868,7 +867,7 @@ start:
if (rr->length == 0) {
s->rstate = SSL_ST_READ_HEADER;
rr->off = 0;
if (s->mode & SSL_MODE_RELEASE_BUFFERS && s->s3->rbuf.left == 0) {
if (s->s3->rbuf.left == 0) {
ssl3_release_read_buffer(s);
}
}
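Review bot: In the hunk after `start:`, the read buffer is now released on every TLS connection once `rr->length == 0` and `s->s3->rbuf.left == 0`, so a path that used to be opt-in becomes the default and any stale pointer into that buffer would matter for all callers. Whether `rr` still points into the released buffer is not visible here; if it does, I would state the invariant above the call, e.g. `/* rr is empty and nothing is buffered; rr must not be read again until the next record is fetched. */`. This hunk also has no `!SSL_IS_DTLS(s)` test while the `ssl3_read_n` and `ssl3_write_pending` hunks keep one; presumably this function is never reached for DTLS, but the commit message says DTLS stays disabled, so a short comment would settle it. All three enclosing functions start and end outside the hunks.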

