From: tedu <tedu@openbsd.org>
Date: Wed, 16 Apr 2014 21:16:33 +0000 (+0000)
Subject: TANSTAAFL - delete the buf freelist code. if you need a better malloc, get
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=a0065ed1978bddeefeaae81841f9ac055a4f9b67;p=openbsd

TANSTAAFL - delete the buf freelist code. if you need a better malloc, get
a better malloc. ok beck deraadt
---

diff --git a/lib/libssl/s3_both.c b/lib/libssl/s3_both.c
index b2fd5c6f805..5642e6c175a 100644
--- a/lib/libssl/s3_both.c
+++ b/lib/libssl/s3_both.c
@@ -624,76 +624,6 @@ ssl_verify_alarm_type(long type)
 	return (al);
 }
 
-#ifndef OPENSSL_NO_BUF_FREELISTS
-/* On some platforms, malloc() performance is bad enough that you can't just
- * free() and malloc() buffers all the time, so we need to use freelists from
- * unused buffers.  Currently, each freelist holds memory chunks of only a
- * given size (list->chunklen); other sized chunks are freed and malloced.
- * This doesn't help much if you're using many different SSL option settings
- * with a given context.  (The options affecting buffer size are
- * max_send_fragment, read buffer vs write buffer,
- * SSL_OP_MICROSOFT_BIG_WRITE_BUFFER, SSL_OP_NO_COMPRESSION, and
- * SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.)  Using a separate freelist for every
- * possible size is not an option, since max_send_fragment can take on many
- * different values.
- *
- * If you are on a platform with a slow malloc(), and you're using SSL
- * connections with many different settings for these options, and you need to
- * use the SSL_MOD_RELEASE_BUFFERS feature, you have a few options:
- *    - Link against a faster malloc implementation.
- *    - Use a separate SSL_CTX for each option set.
- *    - Improve this code.
- */
-static void *
-freelist_extract(SSL_CTX *ctx, int for_read, int sz)
-{
-	SSL3_BUF_FREELIST *list;
-	SSL3_BUF_FREELIST_ENTRY *ent = NULL;
-	void *result = NULL;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-	list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
-	if (list != NULL && sz == (int)list->chunklen)
-		ent = list->head;
-	if (ent != NULL) {
-		list->head = ent->next;
-		result = ent;
-		if (--list->len == 0)
-			list->chunklen = 0;
-	}
-	CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-	if (!result)
-		result = OPENSSL_malloc(sz);
-	return result;
-}
-
-static void
-freelist_insert(SSL_CTX *ctx, int for_read, size_t sz, void *mem)
-{
-	SSL3_BUF_FREELIST *list;
-	SSL3_BUF_FREELIST_ENTRY *ent;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-	list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
-	if (list != NULL && (sz == list->chunklen || list->chunklen == 0) &&
-	    list->len < ctx->freelist_max_len && sz >= sizeof(*ent)) {
-		list->chunklen = sz;
-		ent = mem;
-		ent->next = list->head;
-		list->head = ent;
-		++list->len;
-		mem = NULL;
-	}
-
-	CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-	if (mem)
-		OPENSSL_free(mem);
-}
-#else
-#define freelist_extract(c,fr,sz) OPENSSL_malloc(sz)
-#define freelist_insert(c,fr,sz,m) OPENSSL_free(m)
-#endif
-
 int
 ssl3_setup_read_buffer(SSL *s)
 {
@@ -720,7 +650,7 @@ ssl3_setup_read_buffer(SSL *s)
 		if (!(s->options & SSL_OP_NO_COMPRESSION))
 			len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
 #endif
-		if ((p = freelist_extract(s->ctx, 1, len)) == NULL)
+		if ((p = OPENSSL_malloc(len)) == NULL)
 			goto err;
 		s->s3->rbuf.buf = p;
 		s->s3->rbuf.len = len;
@@ -760,7 +690,7 @@ ssl3_setup_write_buffer(SSL *s)
 			len += headerlen + align +
 			    SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
 
-		if ((p = freelist_extract(s->ctx, 0, len)) == NULL)
+		if ((p = OPENSSL_malloc(len)) == NULL)
 			goto err;
 		s->s3->wbuf.buf = p;
 		s->s3->wbuf.len = len;
@@ -788,7 +718,7 @@ int
 ssl3_release_write_buffer(SSL *s)
 {
 	if (s->s3->wbuf.buf != NULL) {
-		freelist_insert(s->ctx, 0, s->s3->wbuf.len, s->s3->wbuf.buf);
+		OPENSSL_free(s->s3->wbuf.buf);
 		s->s3->wbuf.buf = NULL;
 	}
 	return 1;
@@ -798,7 +728,7 @@ int
 ssl3_release_read_buffer(SSL *s)
 {
 	if (s->s3->rbuf.buf != NULL) {
-		freelist_insert(s->ctx, 1, s->s3->rbuf.len, s->s3->rbuf.buf);
+		OPENSSL_free(s->s3->rbuf.buf);
 		s->s3->rbuf.buf = NULL;
 	}
 	return 1;
diff --git a/lib/libssl/src/ssl/s3_both.c b/lib/libssl/src/ssl/s3_both.c
index b2fd5c6f805..5642e6c175a 100644
--- a/lib/libssl/src/ssl/s3_both.c
+++ b/lib/libssl/src/ssl/s3_both.c
@@ -624,76 +624,6 @@ ssl_verify_alarm_type(long type)
 	return (al);
 }
 
-#ifndef OPENSSL_NO_BUF_FREELISTS
-/* On some platforms, malloc() performance is bad enough that you can't just
- * free() and malloc() buffers all the time, so we need to use freelists from
- * unused buffers.  Currently, each freelist holds memory chunks of only a
- * given size (list->chunklen); other sized chunks are freed and malloced.
- * This doesn't help much if you're using many different SSL option settings
- * with a given context.  (The options affecting buffer size are
- * max_send_fragment, read buffer vs write buffer,
- * SSL_OP_MICROSOFT_BIG_WRITE_BUFFER, SSL_OP_NO_COMPRESSION, and
- * SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.)  Using a separate freelist for every
- * possible size is not an option, since max_send_fragment can take on many
- * different values.
- *
- * If you are on a platform with a slow malloc(), and you're using SSL
- * connections with many different settings for these options, and you need to
- * use the SSL_MOD_RELEASE_BUFFERS feature, you have a few options:
- *    - Link against a faster malloc implementation.
- *    - Use a separate SSL_CTX for each option set.
- *    - Improve this code.
- */
-static void *
-freelist_extract(SSL_CTX *ctx, int for_read, int sz)
-{
-	SSL3_BUF_FREELIST *list;
-	SSL3_BUF_FREELIST_ENTRY *ent = NULL;
-	void *result = NULL;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-	list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
-	if (list != NULL && sz == (int)list->chunklen)
-		ent = list->head;
-	if (ent != NULL) {
-		list->head = ent->next;
-		result = ent;
-		if (--list->len == 0)
-			list->chunklen = 0;
-	}
-	CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-	if (!result)
-		result = OPENSSL_malloc(sz);
-	return result;
-}
-
-static void
-freelist_insert(SSL_CTX *ctx, int for_read, size_t sz, void *mem)
-{
-	SSL3_BUF_FREELIST *list;
-	SSL3_BUF_FREELIST_ENTRY *ent;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-	list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
-	if (list != NULL && (sz == list->chunklen || list->chunklen == 0) &&
-	    list->len < ctx->freelist_max_len && sz >= sizeof(*ent)) {
-		list->chunklen = sz;
-		ent = mem;
-		ent->next = list->head;
-		list->head = ent;
-		++list->len;
-		mem = NULL;
-	}
-
-	CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-	if (mem)
-		OPENSSL_free(mem);
-}
-#else
-#define freelist_extract(c,fr,sz) OPENSSL_malloc(sz)
-#define freelist_insert(c,fr,sz,m) OPENSSL_free(m)
-#endif
-
 int
 ssl3_setup_read_buffer(SSL *s)
 {
@@ -720,7 +650,7 @@ ssl3_setup_read_buffer(SSL *s)
 		if (!(s->options & SSL_OP_NO_COMPRESSION))
 			len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
 #endif
-		if ((p = freelist_extract(s->ctx, 1, len)) == NULL)
+		if ((p = OPENSSL_malloc(len)) == NULL)
 			goto err;
 		s->s3->rbuf.buf = p;
 		s->s3->rbuf.len = len;
@@ -760,7 +690,7 @@ ssl3_setup_write_buffer(SSL *s)
 			len += headerlen + align +
 			    SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
 
-		if ((p = freelist_extract(s->ctx, 0, len)) == NULL)
+		if ((p = OPENSSL_malloc(len)) == NULL)
 			goto err;
 		s->s3->wbuf.buf = p;
 		s->s3->wbuf.len = len;
@@ -788,7 +718,7 @@ int
 ssl3_release_write_buffer(SSL *s)
 {
 	if (s->s3->wbuf.buf != NULL) {
-		freelist_insert(s->ctx, 0, s->s3->wbuf.len, s->s3->wbuf.buf);
+		OPENSSL_free(s->s3->wbuf.buf);
 		s->s3->wbuf.buf = NULL;
 	}
 	return 1;
@@ -798,7 +728,7 @@ int
 ssl3_release_read_buffer(SSL *s)
 {
 	if (s->s3->rbuf.buf != NULL) {
-		freelist_insert(s->ctx, 1, s->s3->rbuf.len, s->s3->rbuf.buf);
+		OPENSSL_free(s->s3->rbuf.buf);
 		s->s3->rbuf.buf = NULL;
 	}
 	return 1;
diff --git a/lib/libssl/src/ssl/ssl.h b/lib/libssl/src/ssl/ssl.h
index d3e015e738c..cefee6189d8 100644
--- a/lib/libssl/src/ssl/ssl.h
+++ b/lib/libssl/src/ssl/ssl.h
@@ -936,12 +936,6 @@ struct ssl_ctx_st {
 	    unsigned char *psk, unsigned int max_psk_len);
 #endif
 
-#ifndef OPENSSL_NO_BUF_FREELISTS
-#define SSL_MAX_BUF_FREELIST_LEN_DEFAULT 32
-	unsigned int freelist_max_len;
-	struct ssl3_buf_freelist_st *wbuf_freelist;
-	struct ssl3_buf_freelist_st *rbuf_freelist;
-#endif
 #ifndef OPENSSL_NO_SRP
 	SRP_CTX srp_ctx; /* ctx for SRP authentication */
 #endif
diff --git a/lib/libssl/src/ssl/ssl_lib.c b/lib/libssl/src/ssl/ssl_lib.c
index a0882e45215..6db3bd29933 100644
--- a/lib/libssl/src/ssl/ssl_lib.c
+++ b/lib/libssl/src/ssl/ssl_lib.c
@@ -1826,23 +1826,6 @@ SSL_CTX
 #ifndef OPENSSL_NO_SRP
 	SSL_CTX_SRP_CTX_init(ret);
 #endif
-#ifndef OPENSSL_NO_BUF_FREELISTS
-	ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
-	ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
-	if (!ret->rbuf_freelist)
-		goto err;
-	ret->rbuf_freelist->chunklen = 0;
-	ret->rbuf_freelist->len = 0;
-	ret->rbuf_freelist->head = NULL;
-	ret->wbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
-	if (!ret->wbuf_freelist) {
-		OPENSSL_free(ret->rbuf_freelist);
-		goto err;
-	}
-	ret->wbuf_freelist->chunklen = 0;
-	ret->wbuf_freelist->len = 0;
-	ret->wbuf_freelist->head = NULL;
-#endif
 #ifndef OPENSSL_NO_ENGINE
 	ret->client_cert_engine = NULL;
 #ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
@@ -1883,19 +1866,6 @@ SSL_COMP_free(SSL_COMP *comp)
 }
 #endif
 
-#ifndef OPENSSL_NO_BUF_FREELISTS
-static void
-ssl_buf_freelist_free(SSL3_BUF_FREELIST *list)
-{
-	SSL3_BUF_FREELIST_ENTRY *ent, *next;
-	for (ent = list->head; ent; ent = next) {
-		next = ent->next;
-		OPENSSL_free(ent);
-	}
-	OPENSSL_free(list);
-}
-#endif
-
 void
 SSL_CTX_free(SSL_CTX *a)
 {
@@ -1973,13 +1943,6 @@ SSL_CTX_free(SSL_CTX *a)
 		ENGINE_finish(a->client_cert_engine);
 #endif
 
-#ifndef OPENSSL_NO_BUF_FREELISTS
-	if (a->wbuf_freelist)
-		ssl_buf_freelist_free(a->wbuf_freelist);
-	if (a->rbuf_freelist)
-		ssl_buf_freelist_free(a->rbuf_freelist);
-#endif
-
 	OPENSSL_free(a);
 }
 
diff --git a/lib/libssl/src/ssl/ssl_locl.h b/lib/libssl/src/ssl/ssl_locl.h
index e9c3a6bcd85..c539b1229d6 100644
--- a/lib/libssl/src/ssl/ssl_locl.h
+++ b/lib/libssl/src/ssl/ssl_locl.h
@@ -594,18 +594,6 @@ typedef struct ssl3_comp_st {
 } SSL3_COMP;
 #endif
 
-#ifndef OPENSSL_NO_BUF_FREELISTS
-typedef struct ssl3_buf_freelist_st {
-	size_t chunklen;
-	unsigned int len;
-	struct ssl3_buf_freelist_entry_st *head;
-} SSL3_BUF_FREELIST;
-
-typedef struct ssl3_buf_freelist_entry_st {
-	struct ssl3_buf_freelist_entry_st *next;
-} SSL3_BUF_FREELIST_ENTRY;
-#endif
-
 extern SSL3_ENC_METHOD ssl3_undef_enc_method;
 OPENSSL_EXTERN const SSL_CIPHER ssl2_ciphers[];
 OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[];
diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h
index d3e015e738c..cefee6189d8 100644
--- a/lib/libssl/ssl.h
+++ b/lib/libssl/ssl.h
@@ -936,12 +936,6 @@ struct ssl_ctx_st {
 	    unsigned char *psk, unsigned int max_psk_len);
 #endif
 
-#ifndef OPENSSL_NO_BUF_FREELISTS
-#define SSL_MAX_BUF_FREELIST_LEN_DEFAULT 32
-	unsigned int freelist_max_len;
-	struct ssl3_buf_freelist_st *wbuf_freelist;
-	struct ssl3_buf_freelist_st *rbuf_freelist;
-#endif
 #ifndef OPENSSL_NO_SRP
 	SRP_CTX srp_ctx; /* ctx for SRP authentication */
 #endif
diff --git a/lib/libssl/ssl/Makefile b/lib/libssl/ssl/Makefile
index 6c8584e80d7..57124e2dc2f 100644
--- a/lib/libssl/ssl/Makefile
+++ b/lib/libssl/ssl/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.37 2014/04/16 20:39:09 tedu Exp $
+# $OpenBSD: Makefile,v 1.38 2014/04/16 21:16:33 tedu Exp $
 
 LIB=	ssl
 
@@ -7,7 +7,6 @@ LSSL_SRC=	${SSL_SRC}/ssl
 
 CFLAGS+= -DTERMIOS -DANSI_SOURCE
 CFLAGS+= -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5
-CFLAGS+= -DOPENSSL_NO_BUF_FREELISTS
 CFLAGS+= -I${SSL_SRC}
 
 SRCS=\
diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c
index a0882e45215..6db3bd29933 100644
--- a/lib/libssl/ssl_lib.c
+++ b/lib/libssl/ssl_lib.c
@@ -1826,23 +1826,6 @@ SSL_CTX
 #ifndef OPENSSL_NO_SRP
 	SSL_CTX_SRP_CTX_init(ret);
 #endif
-#ifndef OPENSSL_NO_BUF_FREELISTS
-	ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
-	ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
-	if (!ret->rbuf_freelist)
-		goto err;
-	ret->rbuf_freelist->chunklen = 0;
-	ret->rbuf_freelist->len = 0;
-	ret->rbuf_freelist->head = NULL;
-	ret->wbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
-	if (!ret->wbuf_freelist) {
-		OPENSSL_free(ret->rbuf_freelist);
-		goto err;
-	}
-	ret->wbuf_freelist->chunklen = 0;
-	ret->wbuf_freelist->len = 0;
-	ret->wbuf_freelist->head = NULL;
-#endif
 #ifndef OPENSSL_NO_ENGINE
 	ret->client_cert_engine = NULL;
 #ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
@@ -1883,19 +1866,6 @@ SSL_COMP_free(SSL_COMP *comp)
 }
 #endif
 
-#ifndef OPENSSL_NO_BUF_FREELISTS
-static void
-ssl_buf_freelist_free(SSL3_BUF_FREELIST *list)
-{
-	SSL3_BUF_FREELIST_ENTRY *ent, *next;
-	for (ent = list->head; ent; ent = next) {
-		next = ent->next;
-		OPENSSL_free(ent);
-	}
-	OPENSSL_free(list);
-}
-#endif
-
 void
 SSL_CTX_free(SSL_CTX *a)
 {
@@ -1973,13 +1943,6 @@ SSL_CTX_free(SSL_CTX *a)
 		ENGINE_finish(a->client_cert_engine);
 #endif
 
-#ifndef OPENSSL_NO_BUF_FREELISTS
-	if (a->wbuf_freelist)
-		ssl_buf_freelist_free(a->wbuf_freelist);
-	if (a->rbuf_freelist)
-		ssl_buf_freelist_free(a->rbuf_freelist);
-#endif
-
 	OPENSSL_free(a);
 }
 
diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h
index e9c3a6bcd85..c539b1229d6 100644
--- a/lib/libssl/ssl_locl.h
+++ b/lib/libssl/ssl_locl.h
@@ -594,18 +594,6 @@ typedef struct ssl3_comp_st {
 } SSL3_COMP;
 #endif
 
-#ifndef OPENSSL_NO_BUF_FREELISTS
-typedef struct ssl3_buf_freelist_st {
-	size_t chunklen;
-	unsigned int len;
-	struct ssl3_buf_freelist_entry_st *head;
-} SSL3_BUF_FREELIST;
-
-typedef struct ssl3_buf_freelist_entry_st {
-	struct ssl3_buf_freelist_entry_st *next;
-} SSL3_BUF_FREELIST_ENTRY;
-#endif
-
 extern SSL3_ENC_METHOD ssl3_undef_enc_method;
 OPENSSL_EXTERN const SSL_CIPHER ssl2_ciphers[];
 OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[];