[RFC] event/openssl: Add dynamic record size support for serving ssl trafic
mat999 at gmail.com
Tue Jun 2 01:04:43 UTC 2015
>From memory SSL_CIPHER_is_AES is a BoringSSL addition isnt it? I did a
quick look over the OpenSSL source and it does not seem like its been added
I havent had a chance to compile this yet to confirm it, but if correct
then this is not compatible with OpenSSL and possibly other SSL libraries.
On Thu, May 28, 2015 at 2:43 AM, W-Mark Kubacki <wmark+nginx at hurrikane.de>
> 2015-05-05 15:39 GMT+02:00 chen <gzchenym at 126.com>:
> > This is v1 of the patchset the implementing the feature SSL Dynamic
> > Sizing, inspiring by Google Front End […]
> > Any comments is welcome.
> Nice! I've implemented that for Golang in the past and have ported it
> to C for you today.
> Although a single initial packet might seem more attractive in
> benchmarks, I found that sending two results in better catching parts
> of HEAD — which is what we want. Then you will notice some dancing
> around IW4, by which we've already sent about 5683 octets. Enough for
> me for a making a tradeoff here.
> 16k as ssl->buffer_size results in partially filled packets. A better
> default value could minimize the overhead (<0.5%) for that trailing
> SSL libraries really should provide a function for computing overhead.
> nginx-devel mailing list
> nginx-devel at nginx.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the nginx-devel