This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/main by this push:
new b803b0ffe Improve performance for the rare case of handling large OCSP
responses.
b803b0ffe is described below
commit b803b0ffe109a46d23f5fc3d90b5e7866ddfbcce
Author: Mark Thomas <[email protected]>
AuthorDate: Tue Feb 3 09:26:17 2026 +0000
Improve performance for the rare case of handling large OCSP responses.
---
native/src/sslutils.c | 10 +++++-----
xdocs/miscellaneous/changelog.xml | 4 ++++
2 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/native/src/sslutils.c b/native/src/sslutils.c
index ddcd2816d..f7a79d8b2 100644
--- a/native/src/sslutils.c
+++ b/native/src/sslutils.c
@@ -866,19 +866,19 @@ err:
/* Reads the response from the APR socket to a buffer, and parses the buffer to
return the OCSP response */
-#define ADDLEN 512
+#define BUFFER_SIZE 512
static OCSP_RESPONSE *ocsp_get_resp(apr_pool_t *mp, apr_socket_t *sock)
{
int buflen;
apr_size_t totalread = 0;
apr_size_t readlen;
- char *buf, tmpbuf[ADDLEN];
+ char *buf, tmpbuf[BUFFER_SIZE];
apr_status_t rv = APR_SUCCESS;
apr_pool_t *p;
OCSP_RESPONSE *resp;
apr_pool_create(&p, mp);
- buflen = ADDLEN;
+ buflen = BUFFER_SIZE;
buf = apr_palloc(p, buflen);
if (buf == NULL) {
apr_pool_destroy(p);
@@ -890,12 +890,12 @@ static OCSP_RESPONSE *ocsp_get_resp(apr_pool_t *mp,
apr_socket_t *sock)
rv = apr_socket_recv(sock, tmpbuf, &readlen);
if (rv == APR_SUCCESS) { /* if we have read something .. we can put it
in the buffer*/
if ((totalread + readlen) >= buflen) {
- buf = apr_xrealloc(buf, buflen, buflen + ADDLEN, p);
+ buf = apr_xrealloc(buf, buflen, buflen * 2, p);
if (buf == NULL) {
apr_pool_destroy(p);
return NULL;
}
- buflen += ADDLEN; /* if needed we enlarge the buffer */
+ buflen *= 2; /* if needed we enlarge the buffer */
}
memcpy(buf + totalread, tmpbuf, readlen); /* the copy to the
buffer */
totalread += readlen; /* update the total bytes read */
diff --git a/xdocs/miscellaneous/changelog.xml
b/xdocs/miscellaneous/changelog.xml
index 0fcfa0d9f..80589b32b 100644
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -58,6 +58,10 @@
OCSP verification being enabled by default when the expected behaviour
was
disabled by default. (markt)
</fix>
+ <scode>
+ Improve performance for the rare case of handling large OCSP responses.
+ (markt)
+ </scode>
</changelog>
</section>
<section name="2.0.12" rtext="2026-01-12">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
