diff options
| author | Steve Dower <steve.dower@python.org> | 2019-09-10 02:02:04 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-09-10 02:02:04 -0700 |
| commit | fdd17abc51e363ab19d248375d717512b8b26966 (patch) | |
| tree | cd7494ab4145909f6889c4ed2d0192c408ff3256 /Modules/_ssl.c | |
| parent | 74b7413d3a9be5e06b16eb2b9a6bdc1f3fe44bbb (diff) | |
| download | cpython-git-fdd17abc51e363ab19d248375d717512b8b26966.tar.gz | |
bpo-35941: Fix performance regression in SSL certificate code (GH-12610)
Accumulate certificates in a set instead of doing a costly list contain
operation. A Windows cert store can easily contain over hundred
certificates. The old code would result in way over 5,000 comparison
operations
Signed-off-by: Christian Heimes <christian@python.org>
Diffstat (limited to 'Modules/_ssl.c')
| -rw-r--r-- | Modules/_ssl.c | 56 |
1 files changed, 27 insertions, 29 deletions
diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 6f91b48825..64060c64c4 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -5517,7 +5517,7 @@ parseKeyUsage(PCCERT_CONTEXT pCertCtx, DWORD flags) } return PyErr_SetFromWindowsErr(error); } - retval = PySet_New(NULL); + retval = PyFrozenSet_New(NULL); if (retval == NULL) { goto error; } @@ -5592,20 +5592,6 @@ ssl_collect_certificates(const char *store_name) return hCollectionStore; } -/* code from Objects/listobject.c */ - -static int -list_contains(PyListObject *a, PyObject *el) -{ - Py_ssize_t i; - int cmp; - - for (i = 0, cmp = 0 ; cmp == 0 && i < Py_SIZE(a); ++i) - cmp = PyObject_RichCompareBool(el, PyList_GET_ITEM(a, i), - Py_EQ); - return cmp; -} - /*[clinic input] _ssl.enum_certificates store_name: str @@ -5628,7 +5614,7 @@ _ssl_enum_certificates_impl(PyObject *module, const char *store_name) PyObject *keyusage = NULL, *cert = NULL, *enc = NULL, *tup = NULL; PyObject *result = NULL; - result = PyList_New(0); + result = PySet_New(NULL); if (result == NULL) { return NULL; } @@ -5668,11 +5654,10 @@ _ssl_enum_certificates_impl(PyObject *module, const char *store_name) enc = NULL; PyTuple_SET_ITEM(tup, 2, keyusage); keyusage = NULL; - if (!list_contains((PyListObject*)result, tup)) { - if (PyList_Append(result, tup) < 0) { - Py_CLEAR(result); - break; - } + if (PySet_Add(result, tup) == -1) { + Py_CLEAR(result); + Py_CLEAR(tup); + break; } Py_CLEAR(tup); } @@ -5696,7 +5681,14 @@ _ssl_enum_certificates_impl(PyObject *module, const char *store_name) return PyErr_SetFromWindowsErr(GetLastError()); } - return result; + /* convert set to list */ + if (result == NULL) { + return NULL; + } else { + PyObject *lst = PySequence_List(result); + Py_DECREF(result); + return lst; + } } /*[clinic input] @@ -5720,7 +5712,7 @@ _ssl_enum_crls_impl(PyObject *module, const char *store_name) PyObject *crl = NULL, *enc = NULL, *tup = NULL; PyObject *result = NULL; - result = PyList_New(0); + result = PySet_New(NULL); if (result == NULL) { return NULL; } @@ -5750,11 +5742,10 @@ _ssl_enum_crls_impl(PyObject *module, const char *store_name) PyTuple_SET_ITEM(tup, 1, enc); enc = NULL; - if (!list_contains((PyListObject*)result, tup)) { - if (PyList_Append(result, tup) < 0) { - Py_CLEAR(result); - break; - } + if (PySet_Add(result, tup) == -1) { + Py_CLEAR(result); + Py_CLEAR(tup); + break; } Py_CLEAR(tup); } @@ -5776,7 +5767,14 @@ _ssl_enum_crls_impl(PyObject *module, const char *store_name) Py_XDECREF(result); return PyErr_SetFromWindowsErr(GetLastError()); } - return result; + /* convert set to list */ + if (result == NULL) { + return NULL; + } else { + PyObject *lst = PySequence_List(result); + Py_DECREF(result); + return lst; + } } #endif /* _MSC_VER */ |