[sr-dev] git:master: tls: disable compression by default

[Andrei Pelinescu-Onciul]

Module: sip-router
Branch: master
Commit: 817b6fd3177bab507a8609b257fb8a79f89dd0a3
URL:    http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=817b6fd3177bab507a8609b257fb8a79f89dd0a3

Author: Andrei Pelinescu-Onciul <andrei at iptel.org>
Committer: Andrei Pelinescu-Onciul <andrei at iptel.org>
Date:   Fri Mar 19 22:41:43 2010 +0100

tls: disable compression by default

Jan proposed to disable compression by default, since his tests showed
that with compression enabled openssl uses ~10x more memory.
For less then 100 connections it doesn't matter so much, but for
larger numbers (e.g. >1000) it really makes a huge difference.
To enable it, use modparam("tls", "tls_disable_compression", 0).

Reported-and-tested-by: Jan Janak <jan at iptel.org>

---

 modules/tls/tls_init.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/modules/tls/tls_init.c b/modules/tls/tls_init.c
index aac73a6..004702d 100644
--- a/modules/tls/tls_init.c
+++ b/modules/tls/tls_init.c
@@ -126,7 +126,8 @@ int openssl_kssl_malloc_bug=0; /* is openssl bug #1467 present ? */
 #endif
 int openssl_mem_threshold1=-1; /* low memory threshold for connect/accept */
 int openssl_mem_threshold2=-1; /* like above but for other tsl operations */
-int tls_disable_compression = 0; /* by default enabled */
+int tls_disable_compression = 1; /* by default disabled due to high memory
+									use (~10x then without compression) */
 int tls_force_run = 0; /* ignore some start-up sanity checks, use it
 						  at your own risk */