Opened 3 years ago

Last modified 3 months ago

#157 assigned Patch submission

Use SSL_MODE_RELEASE_BUFFERS if available

Reported by: crrodriguez Owned by: syzzer
Priority: trivial Milestone: release 2.4
Component: Crypto Version: 2.1.0 / 2.1.1
Severity: Not set (if unsure, select this one) Keywords: ssl performance memory
Cc:

Description

Hi:

The attached patch sets SSL_MODE_RELEASE_BUFFERS if available, to keep openSSL memory usage as low as possible.

For more info, see

http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html

https://www.openssl.org/docs/ssl/SSL_CTX_set_mode.html

Attachments (1)

0001-Use-SSL_MODE_RELEASE_BUFFERS-if-available.patch (866 bytes) - added by crrodriguez 3 years ago.

Download all attachments as: .zip

Change History (3)

comment:1 Changed 5 months ago by samuli

  • Keywords changed from ssl,performance,memory to ssl performance memory

comment:2 Changed 3 months ago by cron2

  • Milestone set to release 2.4
  • Owner set to syzzer
  • Status changed from new to assigned

OpenSSL indeed seems to eat a lot more money than PolarSSL.

Syzzer, can I interest you in this one...?

(As it's a "new feature, no bugfix, no long-term compatibility thing" it won't go into 2.3, but if we can save on memory for 2.4 without losing functionality, all for it)

Note: See TracTickets for help on using tickets.