Always set SSL_MODE_RELEASE_BUFFERS in ab.
PR: 51618
Submitted by: Cristian RodrÃguez <crrodriguez opensuse org>, Stefan Fritsch
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1178079 13f79535-47bb-0310-9956-
ffa450edef68
PR 51714. [Stefan Fritsch, Jim Jagielski, Ruediger Pluem, Eric Covener,
<lowprio20 gmail.com>]
+ *) mod_ssl: If MaxMemFree is set, ask OpenSSL >= 1.0.0 to reduce memory
+ usage. PR 51618. [Cristian RodrÃguez <crrodriguez opensuse org>,
+ Stefan Fritsch]
+
*) mod_ssl: At startup, when checking a server certificate whether it
matches the configured ServerName, also take dNSName entries in the
subjectAltName extension into account. PR 32652, PR 47051. [Kaspar Brand]
see Recursive.''
-- Unknown */
#include "ssl_private.h"
+#include "mpm_common.h"
/* _________________________________________________________________
**
*/
SSL_CTX_set_options(ctx, SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
#endif
+
+#ifdef SSL_MODE_RELEASE_BUFFERS
+ /* If httpd is configured to reduce mem usage, ask openssl to do so, too */
+ if (ap_max_mem_free != APR_ALLOCATOR_MAX_FREE_UNLIMITED)
+ SSL_CTX_set_mode(ctx, SSL_MODE_RELEASE_BUFFERS);
+#endif
}
static void ssl_init_ctx_session_cache(server_rec *s,
exit(1);
}
SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL);
+#ifdef SSL_MODE_RELEASE_BUFFERS
+ /* Keep memory usage as low as possible */
+ SSL_CTX_set_mode (ssl_ctx, SSL_MODE_RELEASE_BUFFERS);
+#endif
if (ssl_cipher != NULL) {
if (!SSL_CTX_set_cipher_list(ssl_ctx, ssl_cipher)) {
fprintf(stderr, "error setting cipher list [%s]\n", ssl_cipher);
projects / thirdparty / apache / httpd.git / commitdiff
