[nginx] svn commit: r5004 - trunk/src/event
mdounin at mdounin.ru
mdounin at mdounin.ru
Wed Jan 9 14:11:49 UTC 2013
Author: mdounin
Date: 2013-01-09 14:11:48 +0000 (Wed, 09 Jan 2013)
New Revision: 5004
URL: http://trac.nginx.org/nginx/changeset/5004/nginx
Log:
SSL: speedup loading of configs with many ssl servers.
The patch saves one EC_KEY_generate_key() call per server{} block by
informing OpenSSL about SSL_OP_SINGLE_ECDH_USE we are going to use before
the SSL_CTX_set_tmp_ecdh() call.
For a configuration file with 10k simple server{} blocks with SSL enabled
this change reduces startup time from 18s to 5s on a slow test box here.
Modified:
trunk/src/event/ngx_event_openssl.c
Modified: trunk/src/event/ngx_event_openssl.c
===================================================================
--- trunk/src/event/ngx_event_openssl.c 2013-01-08 14:03:37 UTC (rev 5003)
+++ trunk/src/event/ngx_event_openssl.c 2013-01-09 14:11:48 UTC (rev 5004)
@@ -643,10 +643,10 @@
return NGX_ERROR;
}
+ SSL_CTX_set_options(ssl->ctx, SSL_OP_SINGLE_ECDH_USE);
+
SSL_CTX_set_tmp_ecdh(ssl->ctx, ecdh);
- SSL_CTX_set_options(ssl->ctx, SSL_OP_SINGLE_ECDH_USE);
-
EC_KEY_free(ecdh);
#endif
#endif
More information about the nginx-devel
mailing list