Hi!
I am currently writing the documentation for the session caching and while
researching in the code I found the following:
ssl.h:
#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)
ssl_sess.c:
...
if (SSL_CTX_sess_get_cache_size(ctx) > 0)
{
while (SSL_CTX_sess_number(ctx) >
SSL_CTX_sess_get_cache_size(ctx))
{
if (!remove_session_lock(ctx,
ctx->session_cache_tail, 0))
break;
else
ctx->stats.sess_cache_full++;
}
}
...
With SSL_CTX_sess_number being
ssl_lib.c:
case SSL_CTRL_SESS_NUMBER:
return(ctx->sessions->num_items);
This means that the default session cache size is more than 20000 sessions..
(With client certificates a session can easily be more than 1kb, so I am
talking about 20MB. Yes, I am aware that it might be pretty tough to establish
20000 sessions in the first place :-)
Did I miss something?
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
