cl+ssl: Patches

Because I don't feel like getting an account on common-lisp.net just yet

Note! Both patches on this page are now a part of cl+ssl. Unless your version is prior to July 2007, you already have them. (Whether you want them or not. Mwuahahaha.)

Why Did I Make These Patches?

Simple, really. I needed their functionality. And I haven't bothered to get an account on common-lisp.net, so I have no commit access.

Speeding Up clisp

cl+ssl has some serious speed issues on CLISP. For small requests, it's not enough to worry about, but on larger requests the speed issue can mean the difference between a 15 second download and a 15 minute download. And that just won't do!

What Makes cl+ssl on clisp so slow?

On clisp, cffi's with-pointer-to-vector-data macro uses copy-in, copy-out semantics, because clisp doesn't offer a with-pinned-object facility or some other way of getting at the pointer to a simple-array. Very sad, I know. In addition to being a leaky abstraction, wptvd is really slow.

How to Speed Things Up?

The simplest thing that can possibly work: break the abstraction. I introduce several new functions (buffer-length, buffer-elt, etc.) and use those wherever an ssl-stream-*-buffer happens to be used, in place of the corresponding sequence functions. Those buffer-* functions operate on clisp's ffi:pointer objects, resulting in a tremendous speedup--and probably a memory leak or two.

This Is Not For You If...

While I've made an effort to ensure this patch doesn't break other implementations, if you have code which relies on ssl-stream-*-buffer returning an array you can use standard CL functions on, it will break on clisp under this patch. But you weren't relying on cl+ssl internals anyway, now were you?

Get the Patch

cl+ssl-clisp-speedup-patch.tar.gz contains several new files, and a patch for existing files. Just unpack it in your cl+ssl directory, and apply cl+ssl.patch.

Supporting Client Certificates

Sometimes you want to use SSL client certificates--they're better than passwords and easier to lose! It seemed like a good idea at the time?

The patch adds two arguments to (make-ssl-client-stream), :certificate and :key, identical to the same arguments in (make-ssl-server-stream).

Contacting the Patch Author

My e-mail address is pix@kepibu.org.