1 files changed, 4 insertions, 74 deletions
diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c
index b2fd5c6f80..5642e6c175 100644
--- a/src/lib/libssl/s3_both.c
+++ b/src/lib/libssl/s3_both.c
@@ -624,76 +624,6 @@ ssl_verify_alarm_type(long type)
        return (al);
 }
-#ifndef OPENSSL_NO_BUF_FREELISTS
-/* On some platforms, malloc() performance is bad enough that you can't just
- * free() and malloc() buffers all the time, so we need to use freelists from
- * unused buffers.  Currently, each freelist holds memory chunks of only a
- * given size (list->chunklen); other sized chunks are freed and malloced.
- * This doesn't help much if you're using many different SSL option settings
- * with a given context.  (The options affecting buffer size are
- * max_send_fragment, read buffer vs write buffer,
- * SSL_OP_MICROSOFT_BIG_WRITE_BUFFER, SSL_OP_NO_COMPRESSION, and
- * SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.)  Using a separate freelist for every
- * possible size is not an option, since max_send_fragment can take on many
- * different values.
- *
- * If you are on a platform with a slow malloc(), and you're using SSL
- * connections with many different settings for these options, and you need to
- * use the SSL_MOD_RELEASE_BUFFERS feature, you have a few options:
- *    - Link against a faster malloc implementation.
- *    - Use a separate SSL_CTX for each option set.
- *    - Improve this code.
- */
-static void *
-freelist_extract(SSL_CTX *ctx, int for_read, int sz)
-{
-        SSL3_BUF_FREELIST *list;
-        SSL3_BUF_FREELIST_ENTRY *ent = NULL;
-        void *result = NULL;
-        CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-        list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
-        if (list != NULL && sz == (int)list->chunklen)
-                ent = list->head;
-        if (ent != NULL) {
-                list->head = ent->next;
-                result = ent;
-                if (--list->len == 0)
-                        list->chunklen = 0;
-        }
-        CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-        if (!result)
-                result = OPENSSL_malloc(sz);
-        return result;
-}
-static void
-freelist_insert(SSL_CTX *ctx, int for_read, size_t sz, void *mem)
-{
-        SSL3_BUF_FREELIST *list;
-        SSL3_BUF_FREELIST_ENTRY *ent;
-        CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-        list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
-        if (list != NULL && (sz == list->chunklen || list->chunklen == 0) &&
-            list->len < ctx->freelist_max_len && sz >= sizeof(*ent)) {
-                list->chunklen = sz;
-                ent = mem;
-                ent->next = list->head;
-                list->head = ent;
-                ++list->len;
-                mem = NULL;
-        }
-        CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-        if (mem)
-                OPENSSL_free(mem);
-}
-#else
-#define freelist_extract(c,fr,sz) OPENSSL_malloc(sz)
-#define freelist_insert(c,fr,sz,m) OPENSSL_free(m)
-#endif
 int
 ssl3_setup_read_buffer(SSL *s)
 {
@@ -720,7 +650,7 @@ ssl3_setup_read_buffer(SSL *s)
                if (!(s->options & SSL_OP_NO_COMPRESSION))
                        len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
 #endif
-                if ((p = freelist_extract(s->ctx, 1, len)) == NULL)
+                if ((p = OPENSSL_malloc(len)) == NULL)
                        goto err;
                s->s3->rbuf.buf = p;
                s->s3->rbuf.len = len;
@@ -760,7 +690,7 @@ ssl3_setup_write_buffer(SSL *s)
                        len += headerlen + align +
                            SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
-                if ((p = freelist_extract(s->ctx, 0, len)) == NULL)
+                if ((p = OPENSSL_malloc(len)) == NULL)
                        goto err;
                s->s3->wbuf.buf = p;
                s->s3->wbuf.len = len;
@@ -788,7 +718,7 @@ int
 ssl3_release_write_buffer(SSL *s)
 {
        if (s->s3->wbuf.buf != NULL) {
-                freelist_insert(s->ctx, 0, s->s3->wbuf.len, s->s3->wbuf.buf);
+                OPENSSL_free(s->s3->wbuf.buf);
                s->s3->wbuf.buf = NULL;
        }
        return 1;
@@ -798,7 +728,7 @@ int
 ssl3_release_read_buffer(SSL *s)
 {
        if (s->s3->rbuf.buf != NULL) {
-                freelist_insert(s->ctx, 1, s->s3->rbuf.len, s->s3->rbuf.buf);
+                OPENSSL_free(s->s3->rbuf.buf);
                s->s3->rbuf.buf = NULL;
        }
        return 1;

diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c index b2fd5c6f80..5642e6c175 100644 --- a/src/lib/libssl/s3_both.c +++ b/src/lib/libssl/s3_both.c
@@ -624,76 +624,6 @@ ssl_verify_alarm_type(long type)
624	return (al);	624	return (al);
625	}	625	}
626		626
627	#ifndef OPENSSL_NO_BUF_FREELISTS
628	/* On some platforms, malloc() performance is bad enough that you can't just
629	* free() and malloc() buffers all the time, so we need to use freelists from
630	* unused buffers. Currently, each freelist holds memory chunks of only a
631	* given size (list->chunklen); other sized chunks are freed and malloced.
632	* This doesn't help much if you're using many different SSL option settings
633	* with a given context. (The options affecting buffer size are
634	* max_send_fragment, read buffer vs write buffer,
635	* SSL_OP_MICROSOFT_BIG_WRITE_BUFFER, SSL_OP_NO_COMPRESSION, and
636	* SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.) Using a separate freelist for every
637	* possible size is not an option, since max_send_fragment can take on many
638	* different values.
639	*
640	* If you are on a platform with a slow malloc(), and you're using SSL
641	* connections with many different settings for these options, and you need to
642	* use the SSL_MOD_RELEASE_BUFFERS feature, you have a few options:
643	* - Link against a faster malloc implementation.
644	* - Use a separate SSL_CTX for each option set.
645	* - Improve this code.
646	*/
647	static void *
648	freelist_extract(SSL_CTX *ctx, int for_read, int sz)
649	{
650	SSL3_BUF_FREELIST *list;
651	SSL3_BUF_FREELIST_ENTRY *ent = NULL;
652	void *result = NULL;
653
654	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
655	list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
656	if (list != NULL && sz == (int)list->chunklen)
657	ent = list->head;
658	if (ent != NULL) {
659	list->head = ent->next;
660	result = ent;
661	if (--list->len == 0)
662	list->chunklen = 0;
663	}
664	CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
665	if (!result)
666	result = OPENSSL_malloc(sz);
667	return result;
668	}
669
670	static void
671	freelist_insert(SSL_CTX ctx, int for_read, size_t sz, void mem)
672	{
673	SSL3_BUF_FREELIST *list;
674	SSL3_BUF_FREELIST_ENTRY *ent;
675
676	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
677	list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
678	if (list != NULL && (sz == list->chunklen \|\| list->chunklen == 0) &&
679	list->len < ctx->freelist_max_len && sz >= sizeof(*ent)) {
680	list->chunklen = sz;
681	ent = mem;
682	ent->next = list->head;
683	list->head = ent;
684	++list->len;
685	mem = NULL;
686	}
687
688	CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
689	if (mem)
690	OPENSSL_free(mem);
691	}
692	#else
693	#define freelist_extract(c,fr,sz) OPENSSL_malloc(sz)
694	#define freelist_insert(c,fr,sz,m) OPENSSL_free(m)
695	#endif
696
697	int	627	int
698	ssl3_setup_read_buffer(SSL *s)	628	ssl3_setup_read_buffer(SSL *s)
699	{	629	{
@@ -720,7 +650,7 @@ ssl3_setup_read_buffer(SSL *s)
720	if (!(s->options & SSL_OP_NO_COMPRESSION))	650	if (!(s->options & SSL_OP_NO_COMPRESSION))
721	len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;	651	len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
722	#endif	652	#endif
723	if ((p = freelist_extract(s->ctx, 1, len)) == NULL)	653	if ((p = OPENSSL_malloc(len)) == NULL)
724	goto err;	654	goto err;
725	s->s3->rbuf.buf = p;	655	s->s3->rbuf.buf = p;
726	s->s3->rbuf.len = len;	656	s->s3->rbuf.len = len;
@@ -760,7 +690,7 @@ ssl3_setup_write_buffer(SSL *s)
760	len += headerlen + align +	690	len += headerlen + align +
761	SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;	691	SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
762		692
763	if ((p = freelist_extract(s->ctx, 0, len)) == NULL)	693	if ((p = OPENSSL_malloc(len)) == NULL)
764	goto err;	694	goto err;
765	s->s3->wbuf.buf = p;	695	s->s3->wbuf.buf = p;
766	s->s3->wbuf.len = len;	696	s->s3->wbuf.len = len;
@@ -788,7 +718,7 @@ int
788	ssl3_release_write_buffer(SSL *s)	718	ssl3_release_write_buffer(SSL *s)
789	{	719	{
790	if (s->s3->wbuf.buf != NULL) {	720	if (s->s3->wbuf.buf != NULL) {
791	freelist_insert(s->ctx, 0, s->s3->wbuf.len, s->s3->wbuf.buf);	721	OPENSSL_free(s->s3->wbuf.buf);
792	s->s3->wbuf.buf = NULL;	722	s->s3->wbuf.buf = NULL;
793	}	723	}
794	return 1;	724	return 1;
@@ -798,7 +728,7 @@ int
798	ssl3_release_read_buffer(SSL *s)	728	ssl3_release_read_buffer(SSL *s)
799	{	729	{
800	if (s->s3->rbuf.buf != NULL) {	730	if (s->s3->rbuf.buf != NULL) {
801	freelist_insert(s->ctx, 1, s->s3->rbuf.len, s->s3->rbuf.buf);	731	OPENSSL_free(s->s3->rbuf.buf);
802	s->s3->rbuf.buf = NULL;	732	s->s3->rbuf.buf = NULL;
803	}	733	}
804	return 1;	734	return 1;