From: Gunnar Beutner Date: Fri, 27 Apr 2012 12:15:22 +0000 (+0200) Subject: Fixed excessive CPU usage during SSL negotiation. X-Git-Tag: v0.0.1~568 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=7e2b8d90a58667f67dfeb33b6a236e27ee229f19;p=icinga2 Fixed excessive CPU usage during SSL negotiation. --- diff --git a/base/tlsclient.cpp b/base/tlsclient.cpp index 05bfaf259..aa90f4119 100644 --- a/base/tlsclient.cpp +++ b/base/tlsclient.cpp @@ -8,6 +8,8 @@ bool I2_EXPORT TLSClient::m_SSLIndexInitialized = false; TLSClient::TLSClient(TCPClientRole role, shared_ptr sslContext) : TCPClient(role) { m_SSLContext = sslContext; + m_BlockRead = false; + m_BlockWrite = false; } void TLSClient::NullCertificateDeleter(X509 *certificate) @@ -60,6 +62,9 @@ int TLSClient::ReadableEventHandler(const EventArgs& ea) { int rc; + m_BlockRead = false; + m_BlockWrite = false; + size_t bufferSize = FIFO::BlockSize / 2; char *buffer = (char *)GetRecvQueue()->GetWriteBuffer(&bufferSize); rc = SSL_read(m_SSL.get(), buffer, bufferSize); @@ -67,6 +72,8 @@ int TLSClient::ReadableEventHandler(const EventArgs& ea) if (rc <= 0) { switch (SSL_get_error(m_SSL.get(), rc)) { case SSL_ERROR_WANT_WRITE: + m_BlockRead = true; + /* fall through */ case SSL_ERROR_WANT_READ: return 0; case SSL_ERROR_ZERO_RETURN: @@ -93,12 +100,17 @@ int TLSClient::WritableEventHandler(const EventArgs& ea) { int rc; + m_BlockRead = false; + m_BlockWrite = false; + rc = SSL_write(m_SSL.get(), (const char *)GetSendQueue()->GetReadBuffer(), GetSendQueue()->GetSize()); if (rc <= 0) { switch (SSL_get_error(m_SSL.get(), rc)) { - case SSL_ERROR_WANT_WRITE: case SSL_ERROR_WANT_READ: + m_BlockWrite = true; + /* fall through */ + case SSL_ERROR_WANT_WRITE: return 0; case SSL_ERROR_ZERO_RETURN: Close(); @@ -121,6 +133,9 @@ bool TLSClient::WantsToRead(void) const if (SSL_want_read(m_SSL.get())) return true; + if (m_BlockRead) + return false; + return TCPClient::WantsToRead(); } @@ -129,6 +144,9 @@ bool TLSClient::WantsToWrite(void) const if (SSL_want_write(m_SSL.get())) return true; + if (m_BlockWrite) + return false; + return TCPClient::WantsToWrite(); } diff --git a/base/tlsclient.h b/base/tlsclient.h index 5614f27e7..108b05408 100644 --- a/base/tlsclient.h +++ b/base/tlsclient.h @@ -17,6 +17,9 @@ private: shared_ptr m_SSLContext; shared_ptr m_SSL; + bool m_BlockRead; + bool m_BlockWrite; + static int m_SSLIndex; static bool m_SSLIndexInitialized;