reduce memory usage in tls

pull/1524/head^2
Darien Raymond 6 years ago
parent c81531fc77
commit ab87c240f7
No known key found for this signature in database
GPG Key ID: 7251FFA14BB18169

@ -2,20 +2,62 @@
package tls
import "crypto/x509"
import (
"crypto/x509"
"sync"
func (c *Config) getCertPool() *x509.CertPool {
pool, err := x509.SystemCertPool()
if err != nil {
newError("failed to get system cert pool.").Base(err).WriteToLog()
"v2ray.com/core/common/compare"
)
type certPoolCache struct {
sync.Mutex
once sync.Once
pool *x509.CertPool
extraCerts [][]byte
}
func (c *certPoolCache) hasCert(cert []byte) bool {
for _, xCert := range c.extraCerts {
if compare.BytesEqual(xCert, cert) {
return true
}
}
return false
}
func (c *certPoolCache) get(extraCerts []*Certificate) *x509.CertPool {
c.once.Do(func() {
pool, err := x509.SystemCertPool()
if err != nil {
newError("failed to get system cert pool.").Base(err).WriteToLog()
return
}
c.pool = pool
})
if c.pool == nil {
return nil
}
if pool != nil {
for _, cert := range c.Certificate {
if cert.Usage == Certificate_AUTHORITY_VERIFY {
pool.AppendCertsFromPEM(cert.Certificate)
}
if len(extraCerts) == 0 {
return c.pool
}
c.Lock()
defer c.Unlock()
for _, cert := range extraCerts {
if !c.hasCert(cert.Certificate) {
c.pool.AppendCertsFromPEM(cert.Certificate)
c.extraCerts = append(c.extraCerts, cert.Certificate)
}
}
return pool
return c.pool
}
var combineCertPool certPoolCache
func (c *Config) getCertPool() *x509.CertPool {
return combineCertPool.get(c.Certificate)
}

Loading…
Cancel
Save