crypto: freelist_max_len is gone in OpenSSL 1.1.0

The freelist_max_len member of SSL* (and the freelist itself) has been removed in OpenSSL 1.1.0. Thus this change will be necessary at some point but, for now, it makes it a little easier to build with 1.1.0 without breaking anything for previous versions of OpenSSL. PR-URL: https://github.com/nodejs/node/pull/10859 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
2017-01-17 12:04:40 -08:00 · 2017-01-17 12:04:40 -08:00 · a57e2f2138
commit a57e2f2138
parent 6b6123cfbe
2 changed files with 7 additions and 1 deletions
--- a/lib/_tls_common.js
+++ b/lib/_tls_common.js
@ -134,7 +134,9 @@ exports.createSecureContext = function createSecureContext(options, context) {
    }
  }

-  // Do not keep read/write buffers in free list
+  // Do not keep read/write buffers in free list for OpenSSL < 1.1.0. (For
+  // OpenSSL 1.1.0, buffers are malloced and freed without the use of a
+  // freelist.)
  if (options.singleUse) {
    c.singleUse = true;
    c.context.setFreeListLength(0);
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@ -1147,10 +1147,14 @@ void SecureContext::SetTicketKeys(const FunctionCallbackInfo<Value>& args) {


 void SecureContext::SetFreeListLength(const FunctionCallbackInfo<Value>& args) {
+#if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(OPENSSL_IS_BORINGSSL)
+  // |freelist_max_len| was removed in OpenSSL 1.1.0. In that version OpenSSL
+  // mallocs and frees buffers directly, without the use of a freelist.
  SecureContext* wrap;
  ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());

  wrap->ctx_->freelist_max_len = args[0]->Int32Value();
+#endif
 }