On Thu, Feb 12, 2004 at 08:42:39PM -0700, Sales, Randall S (Randall) wrote:
> Has anyone else had need to reduce TLS session memory footprint? When acting as
> server (Apache 2.0 running on Linux), I measure 57kB used after https session
> established, with peak memory use at 99kB (during establishment). A
> s_server/s_client TLS session shows slightly higher values.
>
> ./ssl/ssl3.h defines SSL3_RT_MAX_PLAIN_LENGTH as 16384. This #define is the basis
> of quite a few relatively large mallocs. Is 16384 a sacred number? What are the
> implications of reducing the value to 2048 or 4096? Would the change have any
> effect on functionality, stability, and/or performance?
16834 is part of the TLS standard: it is the largest chunk to be used for
encrypted communication. You could reduce your chunk size for sending, but
you have to reserve a buffer large enough for receival as your peer is
still free to use the full chunk size.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
