Make ParsedOptions a std::shared_ptr to reduce re-parsing

diff --git a/src/security/PeerOptions.cc b/src/security/PeerOptions.cc
index a7cd94db5ce5530869154f16e7e67d3e79d9c9d3..16f20845ed4ad202edfe84cd0b8c5dbca0645bf0 100644 (file)
--- a/src/security/PeerOptions.cc
+++ b/src/security/PeerOptions.cc
@@ -34,6 +34,7 @@ Security::PeerOptions::PeerOptions(const Security::PeerOptions &p) :
     sslCipher(p.sslCipher),
     sslFlags(p.sslFlags),
     sslDomain(p.sslDomain),
+    parsedOptions(p.parsedOptions),
     parsedFlags(p.parsedFlags),
     certs(p.certs),
     caFiles(p.caFiles),
@@ -41,7 +42,6 @@ Security::PeerOptions::PeerOptions(const Security::PeerOptions &p) :
     sslVersion(p.sslVersion),
     encryptTransport(p.encryptTransport)
 {
-    parseOptions(); // re-parse after sslOptions copied.
     memcpy(&flags, &p.flags, sizeof(flags));
 }
 
@@ -49,12 +49,12 @@ Security::PeerOptions &
 Security::PeerOptions::operator =(const Security::PeerOptions &p)
 {
     sslOptions = p.sslOptions;
-    parseOptions(); // re-parse after sslOptions copied.
     caDir = p.caDir;
     crlFile = p.crlFile;
     sslCipher = p.sslCipher;
     sslFlags = p.sslFlags;
     sslDomain = p.sslDomain;
+    parsedOptions = p.parsedOptions;
     parsedFlags = p.parsedFlags;
     certs = p.certs;
     caFiles = p.caFiles;
@@ -551,7 +551,9 @@ Security::PeerOptions::parseOptions()
     if (gnutls_priority_init(&op, priorities, &err) != GNUTLS_E_SUCCESS) {
         fatalf("Unknown TLS option '%s'", err);
     }
-    parsedOptions.reset(op);
+    parsedOptions = Security::ParsedOptions(op, [](gnutls_priority_t p) {
+            gnutls_priority_deinit(p);
+    });
 #endif
 }
 

diff --git a/src/security/PeerOptions.h b/src/security/PeerOptions.h
index d24bd62acfb088f69b7d8ca992253d1fb4b9cc69..c2f86201db376c8ae09a0d66623bd94be95119c6 100644 (file)
--- a/src/security/PeerOptions.h
+++ b/src/security/PeerOptions.h
@@ -86,6 +86,8 @@ protected:
     /// flags governing Squid internal TLS operations
     struct flags_ {
         flags_() : tlsDefaultCa(true), tlsNpn(true) {}
+        flags_(const flags_ &) = default;
+        flags_ &operator =(const flags_ &) = default;
 
         /// whether to use the system default Trusted CA when verifying the remote end certificate
         YesNoNone tlsDefaultCa;

diff --git a/src/security/forward.h b/src/security/forward.h
index 858c9ccfb5627b89d96420d664438d3c54e2132d..844611a2d20085825478403c498b120c43420b58 100644 (file)
--- a/src/security/forward.h
+++ b/src/security/forward.h
@@ -127,7 +127,7 @@ namespace Io
 class KeyData;
 
 #if !USE_OPENSSL && USE_GNUTLS
-typedef std::unique_ptr<struct gnutls_priority_st, HardFun<void, gnutls_priority_t, &gnutls_priority_deinit>> ParsedOptions;
+typedef std::shared_ptr<struct gnutls_priority_st> ParsedOptions;
 #else
 typedef long ParsedOptions;
 #endif

diff --git a/src/tests/stub_libsecurity.cc b/src/tests/stub_libsecurity.cc
index 046656874e2f8cafd3bd3c89010eae977de85906..6cb4af8d0830575e01e4b8df725bc01552076331 100644 (file)
--- a/src/tests/stub_libsecurity.cc
+++ b/src/tests/stub_libsecurity.cc
@@ -68,6 +68,8 @@ void PeerConnector::recordNegotiationDetails() STUB
 
 #include "security/PeerOptions.h"
 Security::PeerOptions Security::ProxyOutgoingConfig;
+//Security::PeerOptions::PeerOptions() STUB
+//Security::PeerOptions::PeerOptions(const Security::PeerOptions &) STUB
 Security::PeerOptions &Security::PeerOptions::operator =(const Security::PeerOptions &) STUB_RETVAL(*this)
 void Security::PeerOptions::parse(char const*) STUB
 Security::ContextPointer Security::PeerOptions::createClientContext(bool) STUB_RETVAL(Security::ContextPointer())