summaryrefslogtreecommitdiff
path: root/src/network.c
diff options
context:
space:
mode:
authorGlenn Strauss <gstrauss@gluelogic.com>2017-01-10 15:59:50 -0500
committerGlenn Strauss <gstrauss@gluelogic.com>2017-01-10 15:59:50 -0500
commitb03c4962989169068737c70083b4e442e2115f85 (patch)
tree021bc67000e2c3e528371b2afd86f6750d75b27d /src/network.c
parentbe520a8058ee0968bc3cb7b202521bd17f9ee87a (diff)
downloadlighttpd1.4-b03c4962989169068737c70083b4e442e2115f85.tar.gz
lighttpd1.4-b03c4962989169068737c70083b4e442e2115f85.zip
[TLS] ssl.read-ahead = "disable" for low mem (fixes #2778)
new directive ssl.read-ahead = "enable"/"disable" to control SSL_CTX_set_read_ahead(). Default "enable". The "disable" setting is intended for use on low memory systems with a slow CPU which is unable to keep up with decryption of large request bodies. x-ref: "larger memory usage for file uploads via SSL on embedded system" https://redmine.lighttpd.net/issues/2778
Diffstat (limited to 'src/network.c')
-rw-r--r--src/network.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/network.c b/src/network.c
index b46dcf71..4295fe96 100644
--- a/src/network.c
+++ b/src/network.c
@@ -994,7 +994,7 @@ int network_init(server *srv) {
s->ssl_pemfile);
return -1;
}
- SSL_CTX_set_default_read_ahead(s->ssl_ctx, 1);
+ SSL_CTX_set_default_read_ahead(s->ssl_ctx, s->ssl_read_ahead);
SSL_CTX_set_mode(s->ssl_ctx, SSL_CTX_get_mode(s->ssl_ctx)
| SSL_MODE_ENABLE_PARTIAL_WRITE
| SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER