Mercurial > hg > nginx

changeset 1779:06014cfdb5b1

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
create ssl buffer on demand and free it before keep-alive
author Igor Sysoev <igor@sysoev.ru>
date Wed, 26 Dec 2007 21:07:30 +0000
parents 14510c3cc6cb
children 74840e606733
files src/event/ngx_event_openssl.c src/event/ngx_event_openssl.h src/http/ngx_http_request.c
diffstat 3 files changed, 38 insertions(+), 9 deletions(-) [+]
line wrap: on
line diff
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -344,14 +344,7 @@ ngx_ssl_create_connection(ngx_ssl_t *ssl
         return NGX_ERROR;
     }
 
-    if (flags & NGX_SSL_BUFFER) {
-        sc->buffer = 1;
-
-        sc->buf = ngx_create_temp_buf(c->pool, NGX_SSL_BUFSIZE);
-        if (sc->buf == NULL) {
-            return NGX_ERROR;
-        }
-    }
+    sc->buffer = ((flags & NGX_SSL_BUFFER) != 0);
 
     sc->connection = SSL_new(ssl->ctx);
 
@@ -804,8 +797,28 @@ ngx_ssl_send_chain(ngx_connection_t *c, 
         limit = NGX_MAX_UINT32_VALUE - ngx_pagesize;
     }
 
-
     buf = c->ssl->buf;
+
+    if (buf == NULL) {
+        buf = ngx_create_temp_buf(c->pool, NGX_SSL_BUFSIZE);
+        if (buf == NULL) {
+            return NGX_CHAIN_ERROR;
+        }
+
+        c->ssl->buf = buf;
+    }
+
+    if (buf->start == NULL) {
+        buf->start = ngx_palloc(c->pool, NGX_SSL_BUFSIZE);
+        if (buf->start == NULL) {
+            return NGX_CHAIN_ERROR;
+        }
+
+        buf->pos = buf->start;
+        buf->last = buf->start;
+        buf->end = buf->start + NGX_SSL_BUFSIZE;
+    }
+
     send = 0;
     flush = (in == NULL) ? 1 : 0;
 
@@ -980,6 +993,15 @@ ngx_ssl_read_handler(ngx_event_t *rev)
 }
 
 
+void
+ngx_ssl_free_buffer(ngx_connection_t *c)
+{
+    if (ngx_pfree(c->pool, c->ssl->buf->start) == NGX_OK) {
+        c->ssl->buf->start = NULL;
+    }
+}
+
+
 ngx_int_t
 ngx_ssl_shutdown(ngx_connection_t *c)
 {
--- a/src/event/ngx_event_openssl.h
+++ b/src/event/ngx_event_openssl.h
@@ -132,6 +132,7 @@ ssize_t ngx_ssl_write(ngx_connection_t *
 ssize_t ngx_ssl_recv_chain(ngx_connection_t *c, ngx_chain_t *cl);
 ngx_chain_t *ngx_ssl_send_chain(ngx_connection_t *c, ngx_chain_t *in,
     off_t limit);
+void ngx_ssl_free_buffer(ngx_connection_t *c);
 ngx_int_t ngx_ssl_shutdown(ngx_connection_t *c);
 void ngx_cdecl ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
     char *fmt, ...);
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -2112,6 +2112,12 @@ ngx_http_set_keepalive(ngx_http_request_
         hc->nbusy = 0;
     }
 
+#if (NGX_HTTP_SSL)
+    if (c->ssl) {
+        ngx_ssl_free_buffer(c);
+    }
+#endif
+
     rev->handler = ngx_http_keepalive_handler;
 
     if (wev->active && (ngx_event_flags & NGX_USE_LEVEL_EVENT)) {