On Sat, Sep 29, 2007 at 03:14:29PM -0400, Thor Lancelot Simon wrote:
> In s3_srvr.c, in ssl3_accept, one finds a BUF_MEM_new() followed
> by a BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH). This allocates a
> 16K buffer per SSL session for use during the handshake.
>
> When the handshake is complete, BUF_MEM_free() zeroizes this buffer.

Looking at this more closely -- it appears to me that this buffer is only used for transmit, never for receive, so we can know its size a priori. It also appears to be the case that nothing ever puts more than 32 bytes of data in this buffer except for ssl3_send_certificate_request and ssl3_send_server_key_exchange, both of which grow it to whatever size they need.

So, I think the BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH) in ssl3_accept could actually be BUF_MEM_GROW(buf, 32), which would save a whole lot of bzeroing at BUF_MEM_free time.

Does anyone think otherwise?

Thor
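The trade-off discussed in this message, as an added example that is not part of the original post and is not OpenSSL's code: a simplified growable buffer whose free routine zeroizes the whole allocation, run once with a 16384-byte initial reservation and once with 32 bytes. The names `model_buf`, `model_grow`, `model_free` and `handshake_wipe_cost` are hypothetical, and the message sizes are constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Simplified growable buffer for illustration; not OpenSSL's BUF_MEM code. */
typedef struct { unsigned char *data; size_t length, max; } model_buf;
static size_t bytes_wiped; /* bytes zeroized during the current handshake */
/* Zero through a volatile pointer so the stores are not optimized away. */
static void wipe(unsigned char *p, size_t n) {
    volatile unsigned char *v = p;
    bytes_wiped += n;
    while (n--) *v++ = 0;
}
/* Make the buffer hold len bytes, reallocating only if len exceeds max. */
static int model_grow(model_buf *b, size_t len) {
    if (len > b->max) {
        unsigned char *p = malloc(len);
        if (p == NULL) return 0;
        if (b->data != NULL) {
            memcpy(p, b->data, b->length);
            wipe(b->data, b->max); /* old storage may hold handshake data */
            free(b->data);
        }
        b->data = p; b->max = len;
    }
    b->length = len;
    return 1;
}
/* Zeroize the whole allocation (max, not length), then release it. */
static void model_free(model_buf *b) {
    if (b->data != NULL) { wipe(b->data, b->max); free(b->data); }
    b->data = NULL; b->length = b->max = 0;
}
/* Constructed handshake message sizes; only one exceeds 32 bytes. */
static const size_t SAMPLE_MSGS[] = {4, 32, 300, 12};
/* One handshake: reserve `initial`, build each message, free; returns bytes wiped. */
static size_t handshake_wipe_cost(size_t initial, const size_t *msgs, size_t n) {
    model_buf b = {NULL, 0, 0};
    bytes_wiped = 0;
    if (!model_grow(&b, initial)) return 0;
    for (size_t i = 0; i < n; i++) {
        if (!model_grow(&b, msgs[i])) break; /* each writer sizes the buffer itself */
        memset(b.data, 0xAA, msgs[i]);       /* stand-in for message bytes */
    }
    model_free(&b);
    return bytes_wiped;
}
int main(void) {
    printf("wiped: initial 16384 -> %zu, initial 32 -> %zu\n",
           handshake_wipe_cost(16384, SAMPLE_MSGS, 4),
           handshake_wipe_cost(32, SAMPLE_MSGS, 4));
}
```

The smaller reservation is only safe in this model because every writer calls `model_grow` before writing; a writer that assumed the 16K reservation and skipped the grow would write past a 32-byte allocation.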
