Browse Source

[mod_openssl] ssl.read-ahead="disable" by default

set ssl.read-ahead = "disable" by default (modifies commit f4e1357d)

Given various reports from users of embedded systems, the default is
being changed to do the sane thing for these systems.  This is the
right setting on slow embedded systems for which decoding SSL input
is slower than receiving that input over the network.

On the other hand, for faster systems, ssl.read-ahead = "enable" is
recommended for a slight performance gain and should be explicitly set
in the global or $SERVER["socket"] configuration blocks in lighttpd.conf

x-ref:
  "https POST requests buffered in RAM since v1.4.41?"
  https://redmine.lighttpd.net/boards/2/topics/7520
personal/stbuehler/cleanup-build
Glenn Strauss 4 years ago
parent
commit
77bdaa3a93
  1. 2
      src/mod_openssl.c

2
src/mod_openssl.c

@ -941,7 +941,7 @@ SETDEFAULTS_FUNC(mod_openssl_set_defaults)
s->ssl_verifyclient_export_cert = 0;
s->ssl_disable_client_renegotiation = 1;
s->ssl_read_ahead = (0 == i)
? !srv->config_storage[0]->stream_request_body
? 0
: p->config_storage[0]->ssl_read_ahead;
if (0 != i) buffer_copy_buffer(s->ssl_ca_crl_file, p->config_storage[0]->ssl_ca_crl_file);
if (0 != i) buffer_copy_buffer(s->ssl_ca_dn_file, p->config_storage[0]->ssl_ca_dn_file);

Loading…
Cancel
Save