crypto: freelist_max_len is gone in OpenSSL 1.1.0

The freelist_max_len member of SSL* (and the freelist itself) has been removed in OpenSSL 1.1.0. Thus this change will be necessary at some point but, for now, it makes it a little easier to build with 1.1.0 without breaking anything for previous versions of OpenSSL. PR-URL: #10859 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
nodejs · Mar 9, 2017 · 4451019 · 4451019
1 parent e59697c
commit 4451019
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 1 deletion.
diff --git a/lib/_tls_common.js b/lib/_tls_common.js
@@ -140,7 +140,9 @@ exports.createSecureContext = function createSecureContext(options, context) {
     }
   }
 
-  // Do not keep read/write buffers in free list
+  // Do not keep read/write buffers in free list for OpenSSL < 1.1.0. (For
+  // OpenSSL 1.1.0, buffers are malloced and freed without the use of a
+  // freelist.)
   if (options.singleUse) {
     c.singleUse = true;
     c.context.setFreeListLength(0);

diff --git a/src/node_crypto.cc b/src/node_crypto.cc
@@ -1148,10 +1148,14 @@ void SecureContext::SetTicketKeys(const FunctionCallbackInfo<Value>& args) {
 
 
 void SecureContext::SetFreeListLength(const FunctionCallbackInfo<Value>& args) {
+#if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(OPENSSL_IS_BORINGSSL)
+  // |freelist_max_len| was removed in OpenSSL 1.1.0. In that version OpenSSL
+  // mallocs and frees buffers directly, without the use of a freelist.
   SecureContext* wrap;
   ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
 
   wrap->ctx_->freelist_max_len = args[0]->Int32Value();
+#endif
 }