Welcome! Log In Create A New Profile

[nginx] svn commit: r5004 - trunk/src/event

Forum List Message List New Topic Print View

Anonymous User

January 09, 2013 09:12AM

Author: mdounin
Date: 2013-01-09 14:11:48 +0000 (Wed, 09 Jan 2013)
New Revision: 5004
URL: http://trac.nginx.org/nginx/changeset/5004/nginx

Log:
SSL: speedup loading of configs with many ssl servers.

The patch saves one EC_KEY_generate_key() call per server{} block by
informing OpenSSL about SSL_OP_SINGLE_ECDH_USE we are going to use before
the SSL_CTX_set_tmp_ecdh() call.

For a configuration file with 10k simple server{} blocks with SSL enabled
this change reduces startup time from 18s to 5s on a slow test box here.

Modified:
trunk/src/event/ngx_event_openssl.c

Modified: trunk/src/event/ngx_event_openssl.c
===================================================================
--- trunk/src/event/ngx_event_openssl.c 2013-01-08 14:03:37 UTC (rev 5003)
+++ trunk/src/event/ngx_event_openssl.c 2013-01-09 14:11:48 UTC (rev 5004)
@@ -643,10 +643,10 @@
return NGX_ERROR;
}

+ SSL_CTX_set_options(ssl->ctx, SSL_OP_SINGLE_ECDH_USE);
+
SSL_CTX_set_tmp_ecdh(ssl->ctx, ecdh);

- SSL_CTX_set_options(ssl->ctx, SSL_OP_SINGLE_ECDH_USE);
-
EC_KEY_free(ecdh);
#endif
#endif

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Reply Quote

RSS

Subject	Author	Views	Posted
[nginx] svn commit: r5004 - trunk/src/event	Anonymous User	1273	January 09, 2013 09:12AM

Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 105

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018