From c97e1d3b729b6400bdc83a8c3f192f4d474e8810 Mon Sep 17 00:00:00 2001 From: Menghan Li Date: Tue, 14 Apr 2020 15:09:23 -0700 Subject: [PATCH] Revert "credentials/alts: Properly release server InBytes buffer after the handshake is complete. (#3513)" (#3528) This reverts commit 7c3fd13027648f7fe3bfc6e16289c65c09493e69. --- credentials/alts/internal/conn/record.go | 29 +++++++++--------------- 1 file changed, 11 insertions(+), 18 deletions(-) diff --git a/credentials/alts/internal/conn/record.go b/credentials/alts/internal/conn/record.go index fdf84ce65..fd5a53d9a 100644 --- a/credentials/alts/internal/conn/record.go +++ b/credentials/alts/internal/conn/record.go @@ -111,32 +111,25 @@ func NewConn(c net.Conn, side core.Side, recordProtocol string, key []byte, prot } overhead := MsgLenFieldSize + msgTypeFieldSize + crypto.EncryptionOverhead() payloadLengthLimit := altsRecordDefaultLength - overhead - // We pre-allocate protectedBuf to be at least of size - // 2*altsRecordDefaultLength-1 during initialization. We only read from - // the network into protectedBuf when protectedBuf does not contain a - // complete frame, which is at most altsRecordDefaultLength-1 (bytes). - // And we read at most altsRecordDefaultLength (bytes) data into - // protectedBuf at one time. Therefore, 2*altsRecordDefaultLength-1 is - // large enough to buffer data read from the network. If protected is - // not nil, and its size is larger than 2*altsRecordDefaultLength-1, we - // allocate protectedBuf to be size of len(protected), then we copy the - // protected content to protectedBuf. - protectedBufLen := 2*altsRecordDefaultLength - 1 - if len(protected) > protectedBufLen { - protectedBufLen = len(protected) - } - protectedBuf := make([]byte, 0, protectedBufLen) if protected == nil { - copy(protectedBuf, protected) + // We pre-allocate protected to be of size + // 2*altsRecordDefaultLength-1 during initialization. We only + // read from the network into protected when protected does not + // contain a complete frame, which is at most + // altsRecordDefaultLength-1 (bytes). And we read at most + // altsRecordDefaultLength (bytes) data into protected at one + // time. Therefore, 2*altsRecordDefaultLength-1 is large enough + // to buffer data read from the network. + protected = make([]byte, 0, 2*altsRecordDefaultLength-1) } altsConn := &conn{ Conn: c, crypto: crypto, payloadLengthLimit: payloadLengthLimit, - protected: protectedBuf, + protected: protected, writeBuf: make([]byte, altsWriteBufferInitialSize), - nextFrame: protectedBuf, + nextFrame: protected, overhead: overhead, } return altsConn, nil