Google Git
Sign in
boringssl/boringssl.git/d519bf6be0b447fb80fbc539d4bff4479b5482a2^!/./ssl/ssl_cert.c
commit
d519bf6be0b447fb80fbc539d4bff4479b5482a2
[log]
author
Adam Langley <agl@google.com>
Mon Dec 12 11:16:44 2016 -0800
committer
CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Tue Dec 13 18:54:22 2016 +0000
tree
ffd2ed2f36911ea4ff6ff0ff70ebacbd0d4337d7
parent
68e7124ddf3680302650b7c10cccdef039a72202 [diff] [blame]
Add |SSL_CTX_set0_buffer_pool|.

This currently only works for certificates parsed from the network, but
if making several connections that share certificates, some KB of memory
might be saved.

BUG=chromium:671420

Change-Id: I1c7a71d84e1976138641f71830aafff87f795f9d
Reviewed-on: https://boringssl-review.googlesource.com/12706
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 66ee068..7711cd1 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c

@@ -464,7 +464,8 @@
 
 STACK_OF(CRYPTO_BUFFER) *ssl_parse_cert_chain(uint8_t *out_alert,
                                               uint8_t *out_leaf_sha256,
-                                              CBS *cbs) {
+                                              CBS *cbs,
+                                              CRYPTO_BUFFER_POOL *pool) {
   STACK_OF(CRYPTO_BUFFER) *ret = sk_CRYPTO_BUFFER_new_null();
   if (ret == NULL) {
     *out_alert = SSL_AD_INTERNAL_ERROR;
@@ -493,7 +494,8 @@
       SHA256(CBS_data(&certificate), CBS_len(&certificate), out_leaf_sha256);
     }
 
-    CRYPTO_BUFFER *buf = CRYPTO_BUFFER_new_from_CBS(&certificate, NULL);
+    CRYPTO_BUFFER *buf =
+        CRYPTO_BUFFER_new_from_CBS(&certificate, pool);
     if (buf == NULL) {
       *out_alert = SSL_AD_DECODE_ERROR;
       goto err;