Use SSL_MODE_RELEASE_BUFFERS if available

Sets SSL_MODE_RELEASE_BUFFERS if available, to keep openSSL memory usage as low as possible. For more info, see http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html https://www.openssl.org/docs/ssl/SSL_CTX_set_mode.html See also trac #157 Signed-off-by: Cristian Rodriguez <crrodriguez@opensuse.org> Acked-by: Steffan Karger <steffan.karger@fox-it.com> Message-Id: <5381FEFF.1040609@karger.me> Signed-off-by: Gert Doering <gert@greenie.muc.de>
author: Cristian Rodriguez <crrodriguez@opensuse.org> 2014-05-25 15:52:58 +0200
committer: Gert Doering <gert@greenie.muc.de> 2014-05-25 21:38:48 +0200
commit: a6c573d22566a1dfc44ab060687192a4debc2e03 (patch)
tree: 028bbc72f680546985686a4828abb957330ae9aa /src
parent: 5b17803ebbb0989cf66033387dfa1ae7cb41bb25 (diff)
download: openvpn-a6c573d22566a1dfc44ab060687192a4debc2e03.tar.gz
openvpn-a6c573d22566a1dfc44ab060687192a4debc2e03.tar.xz
openvpn-a6c573d22566a1dfc44ab060687192a4debc2e03.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
index 3a222d8..4862bad 100644
--- a/src/openvpn/ssl_openssl.c
+++ b/src/openvpn/ssl_openssl.c
@@ -198,6 +198,9 @@ tls_ctx_set_options (struct tls_root_ctx *ctx, unsigned int ssl_flags)
     SSL_CTX_set_options (ctx->ctx, sslopt);
   }
 
+#ifdef SSL_MODE_RELEASE_BUFFERS
+  SSL_CTX_set_mode (ctx, SSL_MODE_RELEASE_BUFFERS);
+#endif
   SSL_CTX_set_session_cache_mode (ctx->ctx, SSL_SESS_CACHE_OFF);
   SSL_CTX_set_default_passwd_cb (ctx->ctx, pem_password_callback);
author	Cristian Rodriguez <crrodriguez@opensuse.org>	2014-05-25 15:52:58 +0200
committer	Gert Doering <gert@greenie.muc.de>	2014-05-25 21:38:48 +0200
commit	a6c573d22566a1dfc44ab060687192a4debc2e03 (patch)
tree	028bbc72f680546985686a4828abb957330ae9aa /src
parent	5b17803ebbb0989cf66033387dfa1ae7cb41bb25 (diff)
download	openvpn-a6c573d22566a1dfc44ab060687192a4debc2e03.tar.gz openvpn-a6c573d22566a1dfc44ab060687192a4debc2e03.tar.xz openvpn-a6c573d22566a1dfc44ab060687192a4debc2e03.zip