On Wed, Sep 5, 2012 at 1:13 PM, Nikos Mavrogiannopoulos <[email protected]> wrote:
> gnutls has certtool as well, but I don't think that this approach is > any easier than optimizing libtasn1. The simpler way without radical > changes in certificate verification, would need to introduce a > certificate cache, in effect storing the libtasn1 tree and restoring > it back. Still you'd have to optimize the tree creation/copy etc. I > think that the way that is beneficial for all use cases is to optimize > tree creation and copy in libtasn1 anyway and avoid any caching. I'll > add it in my todo list, but unfortunately currently that doesn't mean > much as I'm busy with other things. Btw. I noticed that samba's talloc has a talloc using a pool. Using that in libtasn1 could have the following immediate effects: * No memory leaks once a structure is deallocated * A single malloc (or at least fewer) per structure In general talloc() should be a bit slower than plain malloc, but I believe that pooled version could have an impact in this case. I'll try to test it this or next weekend. regards, Nikos
