Module: sip-router Branch: master Commit: 817b6fd3177bab507a8609b257fb8a79f89dd0a3 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=817b6fd3...
Author: Andrei Pelinescu-Onciul andrei@iptel.org Committer: Andrei Pelinescu-Onciul andrei@iptel.org Date: Fri Mar 19 22:41:43 2010 +0100
tls: disable compression by default
Jan proposed to disable compression by default, since his tests showed that with compression enabled openssl uses ~10x more memory. For less then 100 connections it doesn't matter so much, but for larger numbers (e.g. >1000) it really makes a huge difference. To enable it, use modparam("tls", "tls_disable_compression", 0).
Reported-and-tested-by: Jan Janak jan@iptel.org
---
modules/tls/tls_init.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/modules/tls/tls_init.c b/modules/tls/tls_init.c index aac73a6..004702d 100644 --- a/modules/tls/tls_init.c +++ b/modules/tls/tls_init.c @@ -126,7 +126,8 @@ int openssl_kssl_malloc_bug=0; /* is openssl bug #1467 present ? */ #endif int openssl_mem_threshold1=-1; /* low memory threshold for connect/accept */ int openssl_mem_threshold2=-1; /* like above but for other tsl operations */ -int tls_disable_compression = 0; /* by default enabled */ +int tls_disable_compression = 1; /* by default disabled due to high memory + use (~10x then without compression) */ int tls_force_run = 0; /* ignore some start-up sanity checks, use it at your own risk */