github
/
v2ray-core
mirror of https://github.com/v2ray/v2ray-core
1
0
Fork 0
Code Issues Releases Wiki Activity

reduce memory usage in tls

pull/1524/head^2
Darien Raymond 2018-08-09 13:30:29 +02:00
parent c81531fc77
commit ab87c240f7
No known key found for this signature in database
GPG Key ID: 7251FFA14BB18169
1 changed files with 55 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
transport/internet/tls/config_other.go
View File

@ -2,20 +2,62 @@
package tls package tls
import "crypto/x509" import (
"crypto/x509"
"sync"
func (c *Config) getCertPool() *x509.CertPool { "v2ray.com/core/common/compare"
)
type certPoolCache struct {
sync.Mutex
once sync.Once
pool *x509.CertPool
extraCerts [][]byte
}
func (c *certPoolCache) hasCert(cert []byte) bool {
for _, xCert := range c.extraCerts {
if compare.BytesEqual(xCert, cert) {
return true
}
}
return false
}
func (c *certPoolCache) get(extraCerts []*Certificate) *x509.CertPool {
c.once.Do(func() {
pool, err := x509.SystemCertPool() pool, err := x509.SystemCertPool()
if err != nil { if err != nil {
newError("failed to get system cert pool.").Base(err).WriteToLog() newError("failed to get system cert pool.").Base(err).WriteToLog()
return
}
c.pool = pool
})
if c.pool == nil {
return nil return nil
} }
if pool != nil {
for _, cert := range c.Certificate { if len(extraCerts) == 0 {
if cert.Usage == Certificate_AUTHORITY_VERIFY { return c.pool
pool.AppendCertsFromPEM(cert.Certificate) }
c.Lock()
defer c.Unlock()
for _, cert := range extraCerts {
if !c.hasCert(cert.Certificate) {
c.pool.AppendCertsFromPEM(cert.Certificate)
c.extraCerts = append(c.extraCerts, cert.Certificate)
} }
} }
return c.pool
} }
return pool
var combineCertPool certPoolCache
func (c *Config) getCertPool() *x509.CertPool {
return combineCertPool.get(c.Certificate)
} }