From fbf3560886f4cd172cd9f21c4f93b0446650d4b5 Mon Sep 17 00:00:00 2001 From: Marc Hoersken Date: Sat, 6 Oct 2012 13:59:28 +0200 Subject: curl_schannel: Removed buffer limit and optimized buffer strategy Since there are servers that seem to return very big encrypted data packages, we need to be able to handle those without having an internal size limit. To avoid the buffer growing to fast to early the initial size was decreased and the minimum free space in the buffer was decreased as well. --- lib/curl_schannel.c | 27 +++++---------------------- lib/curl_schannel.h | 10 ++-------- 2 files changed, 7 insertions(+), 30 deletions(-) diff --git a/lib/curl_schannel.c b/lib/curl_schannel.c index 7db5f7a0d..f57dc1f4d 100644 --- a/lib/curl_schannel.c +++ b/lib/curl_schannel.c @@ -284,7 +284,7 @@ schannel_connect_step2(struct connectdata *conn, int sockindex) CURLcode code; bool doread; - doread = (connssl->connecting_state != ssl_connect_2_writing)?TRUE:FALSE; + doread = (connssl->connecting_state != ssl_connect_2_writing) ? TRUE : FALSE; infof(data, "schannel: SSL/TLS connection with %s port %hu (step 2/3)\n", conn->host.name, conn->remote_port); @@ -302,12 +302,7 @@ schannel_connect_step2(struct connectdata *conn, int sockindex) /* if we need a bigger buffer to read a full message, increase buffer now */ if(connssl->encdata_length - connssl->encdata_offset < - CURL_SCHANNEL_BUFFER_MIN_SIZE) { - if(connssl->encdata_length >= CURL_SCHANNEL_BUFFER_MAX_SIZE) { - failf(data, "schannel: memory buffer size limit reached"); - return CURLE_OUT_OF_MEMORY; - } - + CURL_SCHANNEL_BUFFER_FREE_SIZE) { /* increase internal encrypted data buffer */ connssl->encdata_length *= CURL_SCHANNEL_BUFFER_STEP_FACTOR; connssl->encdata_buffer = realloc(connssl->encdata_buffer, @@ -831,13 +826,7 @@ schannel_recv(struct connectdata *conn, int sockindex, /* increase buffer in order to fit the requested amount of data */ while(connssl->encdata_length - connssl->encdata_offset < - CURL_SCHANNEL_BUFFER_MIN_SIZE || connssl->encdata_length < len) { - if(connssl->encdata_length >= CURL_SCHANNEL_BUFFER_MAX_SIZE) { - failf(data, "schannel: memory buffer size limit reached"); - *err = CURLE_OUT_OF_MEMORY; - return -1; - } - + CURL_SCHANNEL_BUFFER_FREE_SIZE || connssl->encdata_length < len) { /* increase internal encrypted data buffer */ connssl->encdata_length *= CURL_SCHANNEL_BUFFER_STEP_FACTOR; connssl->encdata_buffer = realloc(connssl->encdata_buffer, @@ -907,16 +896,10 @@ schannel_recv(struct connectdata *conn, int sockindex, inbuf[1].cbBuffer); /* increase buffer in order to fit the received amount of data */ - size = inbuf[1].cbBuffer > CURL_SCHANNEL_BUFFER_MIN_SIZE ? - inbuf[1].cbBuffer : CURL_SCHANNEL_BUFFER_MIN_SIZE; + size = inbuf[1].cbBuffer > CURL_SCHANNEL_BUFFER_FREE_SIZE ? + inbuf[1].cbBuffer : CURL_SCHANNEL_BUFFER_FREE_SIZE; while(connssl->decdata_length - connssl->decdata_offset < size || connssl->decdata_length < len) { - if(connssl->decdata_length >= CURL_SCHANNEL_BUFFER_MAX_SIZE) { - failf(data, "schannel: memory buffer size limit reached"); - *err = CURLE_OUT_OF_MEMORY; - return -1; - } - /* increase internal decrypted data buffer */ connssl->decdata_length *= CURL_SCHANNEL_BUFFER_STEP_FACTOR; connssl->decdata_buffer = realloc(connssl->decdata_buffer, diff --git a/lib/curl_schannel.h b/lib/curl_schannel.h index 909ed1857..37126ac7d 100644 --- a/lib/curl_schannel.h +++ b/lib/curl_schannel.h @@ -93,14 +93,8 @@ #endif -#ifdef BUFSIZE -#define CURL_SCHANNEL_BUFFER_INIT_SIZE BUFSIZE -#else -#define CURL_SCHANNEL_BUFFER_INIT_SIZE 4096 -#endif - -#define CURL_SCHANNEL_BUFFER_MIN_SIZE CURL_SCHANNEL_BUFFER_INIT_SIZE / 2 -#define CURL_SCHANNEL_BUFFER_MAX_SIZE CURL_SCHANNEL_BUFFER_INIT_SIZE * 128 +#define CURL_SCHANNEL_BUFFER_INIT_SIZE 4096 +#define CURL_SCHANNEL_BUFFER_FREE_SIZE 1024 #define CURL_SCHANNEL_BUFFER_STEP_FACTOR 2 -- cgit v1.2.3