From 3d919440c80333c496fbb52bf5284c8d84a320cd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= Date: Wed, 3 Aug 2011 22:20:45 +0200 Subject: [PATCH] OpenSSL: Use SSL_MODE_RELEASE_BUFFERS if available, reduces memory use MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit See also : http://www.openssl.org/docs/ssl/SSL_CTX_set_mode.html http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html Signed-off-by: Cristian Rodríguez --- TODO-RELEASE | 3 --- lib/ssluse.c | 4 ++++ 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/TODO-RELEASE b/TODO-RELEASE index b6ff7db5e..7255985b6 100644 --- a/TODO-RELEASE +++ b/TODO-RELEASE @@ -43,9 +43,6 @@ To be addressed in 7.21.8 (or 7.22.0?) http://curl.haxx.se/mail/lib-2011-07/0186.html and http://curl.haxx.se/mail/lib-2011-08/0008.html -305 - "Use SSL_MODE_RELEASE_BUFFERS if available," by Cristian Rodríguez - http://curl.haxx.se/mail/lib-2011-08/0017.html - 306 - SSL Sessions shared by Alejandro Alvarez Ayllon http://curl.haxx.se/mail/lib-2011-08/0002.html diff --git a/lib/ssluse.c b/lib/ssluse.c index 91ed93b2c..924a37df4 100644 --- a/lib/ssluse.c +++ b/lib/ssluse.c @@ -1489,6 +1489,10 @@ ossl_connect_step1(struct connectdata *conn, return CURLE_OUT_OF_MEMORY; } +#ifdef SSL_MODE_RELEASE_BUFFERS + SSL_CTX_set_mode(connssl->ctx, SSL_MODE_RELEASE_BUFFERS); +#endif + #ifdef SSL_CTRL_SET_MSG_CALLBACK if(data->set.fdebug && data->set.verbose) { /* the SSL trace callback is only used for verbose logging so we only