Fixed excessive CPU usage during SSL negotiation.
authorGunnar Beutner <gunnar.beutner@netways.de>
Fri, 27 Apr 2012 12:15:22 +0000 (14:15 +0200)
committerGunnar Beutner <gunnar.beutner@netways.de>
Fri, 27 Apr 2012 12:47:29 +0000 (14:47 +0200)
base/tlsclient.cpp
base/tlsclient.h

index 05bfaf259fe3444d8b55ee73a6a5c64ae4f18546..aa90f411918d8856ef2eea891f2895a6b72bd25d 100644 (file)
@@ -8,6 +8,8 @@ bool I2_EXPORT TLSClient::m_SSLIndexInitialized = false;
 TLSClient::TLSClient(TCPClientRole role, shared_ptr<SSL_CTX> sslContext) : TCPClient(role)
 {
        m_SSLContext = sslContext;
+       m_BlockRead = false;
+       m_BlockWrite = false;
 }
 
 void TLSClient::NullCertificateDeleter(X509 *certificate)
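Review bot: The two new flags are assigned in the constructor body rather than in the member initializer list, which is where a reader checks that every member has a defined value before WantsToRead() or WantsToWrite() can run. Writing the constructor head as `TLSClient::TLSClient(TCPClientRole role, shared_ptr<SSL_CTX> sslContext) : TCPClient(role), m_SSLContext(sslContext), m_BlockRead(false), m_BlockWrite(false)` keeps that in one place and follows the declaration order shown in base/tlsclient.h. This is a point of style only; the behaviour is the same.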
@@ -60,6 +62,9 @@ int TLSClient::ReadableEventHandler(const EventArgs& ea)
 {
        int rc;
 
+       m_BlockRead = false;
+       m_BlockWrite = false;
+
        size_t bufferSize = FIFO::BlockSize / 2;
        char *buffer = (char *)GetRecvQueue()->GetWriteBuffer(&bufferSize);
        rc = SSL_read(m_SSL.get(), buffer, bufferSize);
@@ -67,6 +72,8 @@ int TLSClient::ReadableEventHandler(const EventArgs& ea)
        if (rc <= 0) {
                switch (SSL_get_error(m_SSL.get(), rc)) {
                        case SSL_ERROR_WANT_WRITE:
+                               m_BlockRead = true;
+                               /* fall through */
                        case SSL_ERROR_WANT_READ:
                                return 0;
                        case SSL_ERROR_ZERO_RETURN:
@@ -93,12 +100,17 @@ int TLSClient::WritableEventHandler(const EventArgs& ea)
 {
        int rc;
 
+       m_BlockRead = false;
+       m_BlockWrite = false;
+
        rc = SSL_write(m_SSL.get(), (const char *)GetSendQueue()->GetReadBuffer(), GetSendQueue()->GetSize());
 
        if (rc <= 0) {
                switch (SSL_get_error(m_SSL.get(), rc)) {
-                       case SSL_ERROR_WANT_WRITE:
                        case SSL_ERROR_WANT_READ:
+                               m_BlockWrite = true;
+                               /* fall through */
+                       case SSL_ERROR_WANT_WRITE:
                                return 0;
                        case SSL_ERROR_ZERO_RETURN:
                                Close();
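Review bot: WritableEventHandler clears `m_BlockRead` and then always calls SSL_write(). When the writable event was requested only because an earlier SSL_read() returned SSL_ERROR_WANT_WRITE, that call is made with whatever `GetSendQueue()->GetSize()` holds at that moment, which may be 0. A zero-length SSL_write() is not a supported call in OpenSSL (older manuals describe the behaviour as undefined), and the library expects the stalled call itself to be repeated. One option is to test the flag before resetting it, `if (m_BlockRead) return ReadableEventHandler(ea);`, with the mirrored `if (m_BlockWrite) return WritableEventHandler(ea);` at the top of ReadableEventHandler, where the mismatch is less harmful but still retries a different operation. Whether the send queue can really be empty here depends on TCPClient::WantsToWrite() and the event loop, which are outside the hunk, as is the rest of this function's body.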
@@ -121,6 +133,9 @@ bool TLSClient::WantsToRead(void) const
        if (SSL_want_read(m_SSL.get()))
                return true;
 
+       if (m_BlockRead)
+               return false;
+
        return TCPClient::WantsToRead();
 }
 
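Review bot: The new `m_BlockRead` check carries no comment, yet the order of the three tests looks load-bearing: SSL_want_read() is consulted first, the flag then suppresses polling, and only otherwise is TCPClient::WantsToRead() asked. A comment above the check such as `/* SSL_read() is waiting for the socket to become writable; polling for readability now would only spin. */` would record why the flag overrides the base class. The same applies to `m_BlockWrite` in WantsToWrite in the next hunk, and to the two member declarations in base/tlsclient.h. Both functions start outside their hunks.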
@@ -129,6 +144,9 @@ bool TLSClient::WantsToWrite(void) const
        if (SSL_want_write(m_SSL.get()))
                return true;
 
+       if (m_BlockWrite)
+               return false;
+
        return TCPClient::WantsToWrite();
 }
 
index 5614f27e78082a70a3441ec6341e78d5bfe8ffd2..108b05408fb7c40cb699ca438e88155845941826 100644 (file)
@@ -17,6 +17,9 @@ private:
        shared_ptr<SSL_CTX> m_SSLContext;
        shared_ptr<SSL> m_SSL;
 
+       bool m_BlockRead;
+       bool m_BlockWrite;
+
        static int m_SSLIndex;
        static bool m_SSLIndexInitialized;