Ralf,
There is one problem with your patch. < len should be changed to >=len
'cos only then we have enought space for storing data.
Memory management make me not happy.
Do you remember problem with apache when relatively small number of
header lines required multimegabytes of memory. I'm afraid that in case
of lot of fragments we will have the same sithuation.
YOu know apache do not free memory you took using ap_palloc until you
finish with the request.
Imagine sithuation. We have 1M file to send, and it is fragmented in 20k
fragments. Therefore we need 8k + 28k + 48k + ... + 1008k =~ 25M !!!
with 2M file and the same fragmentation this will be 100M.
I'm quite new witj SSL and therefore have no idea HOW REALISTIC this
sithuation is. But in my logs while debuging before crash I got sequence
of the following fragments: 10780/18437 + 1628/1628 +
18437/18437 + 175/175 + 18437/18437 + crash
Solution to the problem.
Apply more agresive memory request policy - allways double buffer size
[and add size of chunk to be added]. This way amount of "lost" memory
will allways be less than buffer allocated. Therefore in the worst case
we will use <4times the memory realy needed.
[1M => 8k + 36k + 92k + 204k + 428k +876k + 1762k = 3406k ]
[2M => 8k + 36k + 92k + 204k + 428k +876k + 1762k + 3426k = 6832k ]
May be i'm totaly wrong but I would like to trade several kb gain of
your method when we have couple of small chuncs to guarantees that even
in worst case server will be able to handle the request and even several
simultaneous requests.
Patch against 2.4.5 provided bellow.
--
Aidas Kasparas
Network Manager
Lifosa AB
P.S. Regardless .com I'm from Lithuania - therefore no restrictions for
crypto export.
Index: ssl_engine_io.c
===================================================================
RCS file:
/e/modssl/cvs/mod_ssl/pkg.apache/src/modules/ssl/ssl_engine_io.c,v
retrieving revision 1.25
diff -u -r1.25 ssl_engine_io.c
--- ssl_engine_io.c 1999/07/29 09:46:13 1.25
+++ ssl_engine_io.c 1999/10/05 10:16:35
@@ -161,18 +161,30 @@
if ((ss = ap_ctx_get(r->ctx, "ssl::io::suck")) == NULL)
return;
- if (((ss->bufptr+ss->buflen)-(ss->pendptr+ss->pendlen)) < len) {
- /* "expand" buffer */
+ if (((ss->bufptr + ss->buflen) - (ss->pendptr + ss->pendlen)) <
len) {
+ /* "expand" buffer: actually we cannot really expand the buffer
+ here, because Apache's pool system doesn't support expanding
chunks
+ of memory. Instead we have to either reuse processed data or
+ allocate a new chunk of memory in advance if we really need
more
+ memory. */
int newlen;
char *newptr;
- if (ss->buflen < len)
- newlen = ss->buflen * 2;
- else
- newlen = ss->buflen + len;
- newptr = ap_palloc(r->pool, newlen);
- memcpy(newptr, ss->bufptr, ss->buflen);
- ss->bufptr = newptr;
- ss->buflen = newlen;
+
+ if (( (ss->pendptr - ss->bufptr)
+ + ((ss->bufptr + ss->buflen) - (ss->pendptr +
ss->pendlen)) ) >= len) {
+ /* make memory available by reusing already processed data
*/
+ memmove(ss->bufptr, ss->pendptr, ss->pendlen);
+ ss->pendptr = ss->bufptr;
+ }
+ else {
+ /* too bad, we have to allocate a new larger buffer */
+ newlen = (ss->buflen * 2) + len;
+ newptr = ap_palloc(r->pool, newlen);
+ ss->bufptr = newptr;
+ ss->buflen = newlen;
+ memcpy(ss->bufptr, ss->pendptr, ss->pendlen);
+ ss->pendptr = ss->bufptr;
+ }
}
memcpy(ss->pendptr+ss->pendlen, buf, len);
ss->pendlen += len;
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
