diff options
author | Ingela Anderton Andin <[email protected]> | 2012-05-31 11:39:46 +0200 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2012-06-08 17:34:08 +0200 |
commit | 8e80b89c7aafc70fbcb538c9c6b464912cb11d83 (patch) | |
tree | 6cd7de0d6521d979bcc406bb873261baed0515df /lib/ssl/src/ssl_connection.erl | |
parent | 68a055e261d70d3053694efddc1e5a26bf3553f1 (diff) | |
download | otp-8e80b89c7aafc70fbcb538c9c6b464912cb11d83.tar.gz otp-8e80b89c7aafc70fbcb538c9c6b464912cb11d83.tar.bz2 otp-8e80b89c7aafc70fbcb538c9c6b464912cb11d83.zip |
ssl: File handling optimization
Avoid cach validation with file:file_info/2 as this i too expensive and
causes a bottleneck in the file server. Instead we expose a new API function
ssl:clear_pem_cache/0 to deal with the problem. As we think it will be
of occasional use and the normal case is that the cache will be valid we think
it is the right thing to do.
Convert file paths to binary representation in the ssl API module to
avoid uncessarry calls in file later on.
Also add sanity checks for openssl versions in testsuite due to new
openssl bugs.
Diffstat (limited to 'lib/ssl/src/ssl_connection.erl')
-rw-r--r-- | lib/ssl/src/ssl_connection.erl | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl index 2abe2d3a6c..ce20e72524 100644 --- a/lib/ssl/src/ssl_connection.erl +++ b/lib/ssl/src/ssl_connection.erl @@ -1094,7 +1094,7 @@ init_certificates(#ssl_options{cacerts = CaCerts, end, init_certificates(Cert, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheHandle, CertFile, Role). -init_certificates(undefined, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheHandle, "", _) -> +init_certificates(undefined, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheHandle, <<>>, _) -> {ok, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheHandle, undefined}; init_certificates(undefined, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheHandle, CertFile, client) -> @@ -1117,7 +1117,7 @@ init_certificates(undefined, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHan init_certificates(Cert, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheRef, _, _) -> {ok, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheRef, Cert}. -init_private_key(_, undefined, "", _Password, _Client) -> +init_private_key(_, undefined, <<>>, _Password, _Client) -> undefined; init_private_key(DbHandle, undefined, KeyFile, Password, _) -> try @@ -2373,7 +2373,7 @@ get_timeout(#state{ssl_options=#ssl_options{hibernate_after = undefined}}) -> get_timeout(#state{ssl_options=#ssl_options{hibernate_after = HibernateAfter}}) -> HibernateAfter. -handle_trusted_certs_db(#state{ssl_options = #ssl_options{cacertfile = ""}}) -> +handle_trusted_certs_db(#state{ssl_options = #ssl_options{cacertfile = <<>>}}) -> %% No trusted certs specified ok; handle_trusted_certs_db(#state{cert_db_ref = Ref, |