feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

ssl: refactoring ProcessBuffer to reduce stack usage:

Browse Source 
--- variable staticBuffer moved to the heap (1023 bytes saved)

ssl: refactoring CyaSSL_PemCertToDer to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)

ssl: refactoring CyaSSL_X509_load_certificate_file to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)

ssl: refactoring CyaSSL_cmp_peer_cert_to_file to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)

ssl: refactoring ProcessFile to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)

ssl: refactoring CyaSSL_CertManagerVerify to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)

ssl: refactoring CyaSSL_SetTmpDH_file_wrapper to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)

ssl: refactoring CyaSSL_writev to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)
This commit is contained in:
Moisés Guimarães
2014-08-27 18:45:11 -03:00
parent 82d2aca505
commit 958ec5d578
1 changed files with 49 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
src/ssl.c
View File

@@ -2043,7 +2043,11 @@ int CyaSSL_Init(void)
/* we may have a user cert chain, try to consume */ /* we may have a user cert chain, try to consume */
if (userChain && type == CERT_TYPE && info->consumed < sz) { if (userChain && type == CERT_TYPE && info->consumed < sz) {
#ifdef CYASSL_SMALL_STACK
byte staticBuffer[1]; /* force heap usage */
#else
byte staticBuffer[FILE_BUFFER_SIZE]; /* tmp chain buffer */ byte staticBuffer[FILE_BUFFER_SIZE]; /* tmp chain buffer */
#endif
byte* chainBuffer = staticBuffer; byte* chainBuffer = staticBuffer;
byte* shrinked = NULL; /* shrinked to size chainBuffer byte* shrinked = NULL; /* shrinked to size chainBuffer
* or staticBuffer */ * or staticBuffer */
@@ -2718,7 +2722,11 @@ int CyaSSL_CTX_SetOCSP_Cb(CYASSL_CTX* ctx,
int ProcessFile(CYASSL_CTX* ctx, const char* fname, int format, int type, int ProcessFile(CYASSL_CTX* ctx, const char* fname, int format, int type,
CYASSL* ssl, int userChain, CYASSL_CRL* crl) CYASSL* ssl, int userChain, CYASSL_CRL* crl)
{ {
#ifdef CYASSL_SMALL_STACK
byte staticBuffer[1]; /* force heap usage */
#else
byte staticBuffer[FILE_BUFFER_SIZE]; byte staticBuffer[FILE_BUFFER_SIZE];
#endif
byte* myBuffer = staticBuffer; byte* myBuffer = staticBuffer;
int dynamic = 0; int dynamic = 0;
int ret; int ret;
@@ -2856,7 +2864,11 @@ int CyaSSL_CertManagerVerify(CYASSL_CERT_MANAGER* cm, const char* fname,
int format) int format)
{ {
int ret = SSL_FATAL_ERROR; int ret = SSL_FATAL_ERROR;
#ifdef CYASSL_SMALL_STACK
byte staticBuffer[1]; /* force heap usage */
#else
byte staticBuffer[FILE_BUFFER_SIZE]; byte staticBuffer[FILE_BUFFER_SIZE];
#endif
byte* myBuffer = staticBuffer; byte* myBuffer = staticBuffer;
int dynamic = 0; int dynamic = 0;
long sz = 0; long sz = 0;
@@ -3186,7 +3198,11 @@ int CyaSSL_CTX_der_load_verify_locations(CYASSL_CTX* ctx, const char* file,
/* load pem cert from file into der buffer, return der size or error */ /* load pem cert from file into der buffer, return der size or error */
int CyaSSL_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz) int CyaSSL_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz)
{ {
#ifdef CYASSL_SMALL_STACK
byte staticBuffer[1]; /* force XMALLOC */
#else
byte staticBuffer[FILE_BUFFER_SIZE]; byte staticBuffer[FILE_BUFFER_SIZE];
#endif
byte* fileBuf = staticBuffer; byte* fileBuf = staticBuffer;
int dynamic = 0; int dynamic = 0;
int ret; int ret;
@@ -3366,7 +3382,11 @@ int CyaSSL_CTX_SetTmpDH_buffer(CYASSL_CTX* ctx, const unsigned char* buf,
static int CyaSSL_SetTmpDH_file_wrapper(CYASSL_CTX* ctx, CYASSL* ssl, static int CyaSSL_SetTmpDH_file_wrapper(CYASSL_CTX* ctx, CYASSL* ssl,
const char* fname, int format) const char* fname, int format)
{ {
#ifdef CYASSL_SMALL_STACK
byte staticBuffer[1]; /* force heap usage */
#else
byte staticBuffer[FILE_BUFFER_SIZE]; byte staticBuffer[FILE_BUFFER_SIZE];
#endif
byte* myBuffer = staticBuffer; byte* myBuffer = staticBuffer;
int dynamic = 0; int dynamic = 0;
int ret; int ret;
@@ -5670,10 +5690,14 @@ int CyaSSL_set_compression(CYASSL* ssl)
because of SSL_write behavior and because front adds may be small */ because of SSL_write behavior and because front adds may be small */
int CyaSSL_writev(CYASSL* ssl, const struct iovec* iov, int iovcnt) int CyaSSL_writev(CYASSL* ssl, const struct iovec* iov, int iovcnt)
{ {
byte tmp[FILE_BUFFER_SIZE]; #ifdef CYASSL_SMALL_STACK
byte* myBuffer = tmp; byte staticBuffer[1]; /* force heap usage */
#else
byte staticBuffer[FILE_BUFFER_SIZE];
#endif
byte* myBuffer = staticBuffer;
int dynamic = 0;
int sending = 0; int sending = 0;
int newBuffer = 0;
int idx = 0; int idx = 0;
int i; int i;
int ret; int ret;
@@ -5683,13 +5707,13 @@ int CyaSSL_set_compression(CYASSL* ssl)
for (i = 0; i < iovcnt; i++) for (i = 0; i < iovcnt; i++)
sending += (int)iov[i].iov_len; sending += (int)iov[i].iov_len;
if (sending > (int)sizeof(tmp)) { if (sending > (int)sizeof(staticBuffer)) {
byte* tmp2 = (byte*) XMALLOC(sending, ssl->heap, myBuffer = (byte*)XMALLOC(sending, ssl->heap,
DYNAMIC_TYPE_WRITEV); DYNAMIC_TYPE_WRITEV);
if (!tmp2) if (!myBuffer)
return MEMORY_ERROR; return MEMORY_ERROR;
myBuffer = tmp2;
newBuffer = 1; dynamic = 1;
} }
for (i = 0; i < iovcnt; i++) { for (i = 0; i < iovcnt; i++) {
@@ -5699,7 +5723,8 @@ int CyaSSL_set_compression(CYASSL* ssl)
ret = CyaSSL_write(ssl, myBuffer, sending); ret = CyaSSL_write(ssl, myBuffer, sending);
if (newBuffer) XFREE(myBuffer, ssl->heap, DYNAMIC_TYPE_WRITEV); if (dynamic)
XFREE(myBuffer, ssl->heap, DYNAMIC_TYPE_WRITEV);
return ret; return ret;
} }
@@ -8315,11 +8340,16 @@ CYASSL_X509* CyaSSL_X509_d2i_fp(CYASSL_X509** x509, XFILE file)
CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format) CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format)
{ {
#ifdef CYASSL_SMALL_STACK
byte staticBuffer[1]; /* force heap usage */
#else
byte staticBuffer[FILE_BUFFER_SIZE]; byte staticBuffer[FILE_BUFFER_SIZE];
#endif
byte* fileBuffer = staticBuffer; byte* fileBuffer = staticBuffer;
int dynamic = 0; int dynamic = 0;
long sz = 0; long sz = 0;
XFILE file; XFILE file;
CYASSL_X509* x509 = NULL; CYASSL_X509* x509 = NULL;
buffer der; buffer der;
@@ -9765,12 +9795,16 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format)
{ {
XFILE file = XBADFILE; XFILE file = XBADFILE;
long sz = 0; long sz = 0;
#ifdef CYASSL_SMALL_STACK
byte staticBuffer[1]; /* force heap usage */
#else
byte staticBuffer[FILE_BUFFER_SIZE]; byte staticBuffer[FILE_BUFFER_SIZE];
#endif
byte* myBuffer = staticBuffer; byte* myBuffer = staticBuffer;
int dynamic = 0;
CYASSL_CTX* ctx = ssl->ctx; CYASSL_CTX* ctx = ssl->ctx;
buffer fileDer; buffer fileDer;
int eccKey = 0; int eccKey = 0;
int dynamic = 0;
CYASSL_X509* peer_cert = &ssl->peerCert; CYASSL_X509* peer_cert = &ssl->peerCert;
#ifdef CYASSL_SMALL_STACK #ifdef CYASSL_SMALL_STACK
EncryptedInfo* info; EncryptedInfo* info;