Roger,
What I have found is that OpenSsl allocates s3->rbuf and s3->wbuf as soon as the SSL session is created, however uses these buffers as scratch buffer while doing handshake, or doing any other SSL opertion. Once the operation is done, those buffers could be safely freed since then do not hold any state information. Before these operations begin, you got to allocate them and then free it as soon as the operation is done. I allocate there buffers from my shared buffer pool thus by significantly reducing the per session memory usage.
My SSL implementation makes use of memory bio's (but you could use the same approach with any BIO for that matter). You could detect the completion of handshake through the SSL function "SS_is_init_finished" and find whether there is any data to flush using the function BIO_pending.
Hopefully this is helpful.
Regards,
Prashant.
"Roger V. Beathard" <[EMAIL PROTECTED]> wrote:
Do you have examples of how you reduce memory consumption to 10-12k per
connection?
Thanks,
Roger V. Beathard
Yahoo! Mail Mobile
Take Yahoo! Mail with you! Check email on your mobile phone.
