This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new 2dc9e7053f Align buffer use pattern with the FFM code
2dc9e7053f is described below
commit 2dc9e7053f39b6579506b0ce632a9c6d26b9411e
Author: Mark Thomas <[email protected]>
AuthorDate: Thu Mar 19 15:55:49 2026 +0000
Align buffer use pattern with the FFM code
This uses 18KB of memory per connection.
---
java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java | 10 ++--------
webapps/docs/changelog.xml | 8 ++++++++
2 files changed, 10 insertions(+), 8 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
index 7e0fc8078a..80138fd79f 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
@@ -136,6 +136,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
private final OpenSSLState state;
private final Cleanable cleanable;
+ private ByteBuffer buf =
ByteBuffer.allocateDirect(MAX_ENCRYPTED_PACKET_LENGTH);
private enum Accepted {
NOT,
@@ -228,6 +229,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
// internal errors can cause shutdown without marking the engine
closed
isInboundDone = isOutboundDone = engineClosed = true;
cleanable.clean();
+ ByteBufferUtils.cleanDirectBuffer(buf);
}
}
@@ -254,7 +256,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
return sslWrote;
}
} else {
- ByteBuffer buf = ByteBuffer.allocateDirect(len);
try {
final long addr = Buffer.address(buf);
@@ -275,7 +276,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
}
} finally {
buf.clear();
- ByteBufferUtils.cleanDirectBuffer(buf);
}
}
@@ -302,7 +302,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
return netWrote;
}
} else {
- ByteBuffer buf = ByteBuffer.allocateDirect(len);
try {
final long addr = Buffer.address(buf);
@@ -320,7 +319,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
}
} finally {
buf.clear();
- ByteBufferUtils.cleanDirectBuffer(buf);
}
}
@@ -349,7 +347,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
final int pos = dst.position();
final int limit = dst.limit();
final int len = Math.min(MAX_ENCRYPTED_PACKET_LENGTH, limit - pos);
- final ByteBuffer buf = ByteBuffer.allocateDirect(len);
try {
final long addr = Buffer.address(buf);
@@ -365,7 +362,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
}
} finally {
buf.clear();
- ByteBufferUtils.cleanDirectBuffer(buf);
}
}
@@ -390,7 +386,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
checkLastError();
}
} else {
- final ByteBuffer buf = ByteBuffer.allocateDirect(pending);
try {
final long addr = Buffer.address(buf);
@@ -407,7 +402,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
}
} finally {
buf.clear();
- ByteBufferUtils.cleanDirectBuffer(buf);
}
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 38a015b8f3..8afa5179d7 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -105,6 +105,14 @@
issues do not "pop up" wrt. others).
-->
<section name="Tomcat 10.1.54 (schultz)" rtext="in development">
+ <subsection name="Coyote">
+ <changelog>
+ <update>
+ Align buffer reuse of the OpenSSLEngine for tomcat-native with the FFM
+ code. (remm)
+ </update>
+ </changelog>
+ </subsection>
</section>
<section name="Tomcat 10.1.53 (schultz)" rtext="release in progress">
<subsection name="Catalina">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
