Opened 13 years ago
Closed 11 years ago
#157 closed Patch submission (fixed)
Use SSL_MODE_RELEASE_BUFFERS if available
Reported by: | crrodriguez | Owned by: | Steffan Karger |
---|---|---|---|
Priority: | trivial | Milestone: | release 2.4 |
Component: | Crypto | Version: | OpenVPN 2.1.0 / 2.1.1 (Community Ed) |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | ssl performance memory |
Cc: |
Description
Hi:
The attached patch sets SSL_MODE_RELEASE_BUFFERS if available, to keep openSSL memory usage as low as possible.
For more info, see
http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html
Attachments (1)
Change History (6)
Changed 13 years ago by
Attachment: | 0001-Use-SSL_MODE_RELEASE_BUFFERS-if-available.patch added |
---|
comment:1 Changed 11 years ago by
Keywords: | ssl,performance,memory → ssl performance memory |
---|
comment:2 Changed 11 years ago by
Milestone: | → release 2.4 |
---|---|
Owner: | set to Steffan Karger |
Status: | new → assigned |
comment:4 Changed 11 years ago by
Sorry, overlooked this one. Patch looks sane, but needs to be adjusted to the current master. I'll do that, run some tests and - if successful - send an updated patch to the mailinglist.
Edit: I'll do this somewhere in the coming days.
comment:5 Changed 11 years ago by
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
"Coming days" became "coming weeks", but finally the patch has been applied to master, and will be included in OpenVPN 2.4.
Note: See
TracTickets for help on using
tickets.
OpenSSL indeed seems to eat a lot more money than PolarSSL.
Syzzer, can I interest you in this one...?
(As it's a "new feature, no bugfix, no long-term compatibility thing" it won't go into 2.3, but if we can save on memory for 2.4 without losing functionality, all for it)