### Description
a tls connection uses 52104 bytes. Among these memory, tcp_connection structure use 776
bytes and tcp_rd_buf use 6000 bytes, and the left part (45328 bytes) are all about SSL
session with crypto.
### Expected behavior
kamailio does some optimization for self defined BIO_TYPE_SOURCE_SINK bio type, to save
more memory
#### Actual observed behavior
among this 45328 bytes, the biggest parts are BIO read buffer(16KB) and BIO write
buffer(16KB). currently kamailio uses BIO_TYPE_SOURCE_SINK type bio, which needs kamailio
manage the buffer by itself (there is no optimization). While nginx uses
BIO_TYPE_MEM type bio, which is a openssl's internal bio type with memory
optimization. As a result, nginx use less memory to accept more TLS connections than
kamailio
#### Debugging Data
None
#### Log Messages
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1219]: tlsf_sums(): pool (0x7f1a3eec1000) summarizing all alloc'ed.
fragments:
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 2 size= 336 bytes from tls:
tls_init.c: crypto/evp/evp_enc.c(43)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 1 size= 80 bytes from tls:
tls_init.c: crypto/bn/bn_blind.c(36)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 3 size= 360 bytes from tls:
tls_init.c: crypto/bn/bn_mont.c(232)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 2 size= 1456 bytes from tls:
tls_init.c: crypto/evp/evp_enc.c(129)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 1 size= 120 bytes from tls:
tls_init.c: ssl/t1_lib.c(1784)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 1 size= 56 bytes from tls:
tls_init.c: ssl/statem/extensions.c(959)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 2 size= 112 bytes from tls:
tls_init.c: ssl/t1_lib.c(1811)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 1 size= 56 bytes from tls:
tls_init.c: ssl/statem/../packet_local.h(462)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 1 size= 56 bytes from tls:
tls_init.c: ssl/statem/../packet_local.h(485)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 1 size= 640 bytes from tls:
tls_init.c: ssl/ssl_sess.c(72)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 1 size= 144 bytes from tls:
tls_init.c: ssl/packet_local.h(462)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 1 size= 224 bytes from tls:
tls_init.c: crypto/evp/digest.c(139)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 3 size= 168 bytes from tls:
tls_init.c: crypto/evp/digest.c(62)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 1 size= 16496 bytes from tls:
tls_init.c: ssl/record/ssl3_buffer.c(124)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 1 size= 16712 bytes from tls:
tls_init.c: ssl/record/ssl3_buffer.c(63)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 1 size= 6280 bytes from tls:
tls_init.c: ssl/ssl_lib.c(691)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 1 size= 6776 bytes from core:
tcp_main.c: tcpconn_new(1148)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 1 size= 56 bytes from tls:
tls_init.c: tls_bio.c(184)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 1 size= 120 bytes from tls:
tls_init.c: crypto/bio/bio_lib.c(73)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 1 size= 536 bytes from tls:
tls_init.c: ssl/ssl_cert.c(76)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 1 size= 56 bytes from tls:
tls_init.c: ssl/ssl_lib.c(793)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 1 size= 72 bytes from tls:
tls_init.c: crypto/bio/bio_meth.c(41)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 1 size= 96 bytes from tls:
tls_init.c: crypto/bio/bio_meth.c(38)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 1 size= 1040 bytes from tls:
tls_init.c: ssl/s3_lib.c(3296)
Mar 30 19:46:46 localhost.localdomain sipproxy[2273]: INFO: <core>
[mem/tlsf_malloc.c:1235]: tlsf_sums(): count= 1 size= 56 bytes from tls:
tls_server.c: tls_complete_init(229)
#### SIP Traffic
None
### Possible Solutions
None
### Additional Information
[root@ip-10-23-0-191 ec2-user]# /opt/kamailio/sbin/kamailio -v
version: kamailio 4.4.7 (aarch64/linux)
flags: STATS: Off, USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, DISABLE_NAGLE, USE_MCAST,
DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC,
DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT-NOSMP, USE_DNS_CACHE, USE_DNS_FAILOVER,
USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RES
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024,
BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
id: unknown
compiled on 12:18:05 Mar 28 2024 with gcc 7.3.1
* **Operating System**:
Linux localhost.localdomain 4.18.0-425.3.1.el8.x86_64 #1 SMP Tue Nov 8 14:08:25 EST 2022
x86_64 x86_64 x86_64 GNU/Linux
--
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/3803
You are receiving this because you are subscribed to this thread.
Message ID: <kamailio/kamailio/issues/3803(a)github.com>