nxt_openssl.c (2089:dcec02b45917) nxt_openssl.c (2090:e6102bb58d1d)
1
2/*
3 * Copyright (C) Igor Sysoev
4 * Copyright (C) NGINX, Inc.
5 */
6
7#include <nxt_main.h>
8#include <nxt_conf.h>

--- 312 unchanged lines hidden (view full) ---

321#ifdef SSL_OP_NO_COMPRESSION
322 /*
323 * Disable gzip compression in OpenSSL 1.0.0,
324 * this saves about 522K per connection.
325 */
326 SSL_CTX_set_options(ctx, SSL_OP_NO_COMPRESSION);
327#endif
328
1
2/*
3 * Copyright (C) Igor Sysoev
4 * Copyright (C) NGINX, Inc.
5 */
6
7#include <nxt_main.h>
8#include <nxt_conf.h>

--- 312 unchanged lines hidden (view full) ---

321#ifdef SSL_OP_NO_COMPRESSION
322 /*
323 * Disable gzip compression in OpenSSL 1.0.0,
324 * this saves about 522K per connection.
325 */
326 SSL_CTX_set_options(ctx, SSL_OP_NO_COMPRESSION);
327#endif
328
329#ifdef SSL_OP_IGNORE_UNEXPECTED_EOF
330 /* Request SSL_ERROR_ZERO_RETURN on EOF. */
331 SSL_CTX_set_options(ctx, SSL_OP_IGNORE_UNEXPECTED_EOF);
332#endif
333
329#ifdef SSL_MODE_RELEASE_BUFFERS
330
331 if (nxt_openssl_version >= 10001078) {
332 /*
333 * Allow to release read and write buffers in OpenSSL 1.0.0,
334 * this saves about 34K per idle connection. It is not safe
335 * before OpenSSL 1.0.1h (CVE-2010-5298).
336 */

--- 1472 unchanged lines hidden ---
334#ifdef SSL_MODE_RELEASE_BUFFERS
335
336 if (nxt_openssl_version >= 10001078) {
337 /*
338 * Allow to release read and write buffers in OpenSSL 1.0.0,
339 * this saves about 34K per idle connection. It is not safe
340 * before OpenSSL 1.0.1h (CVE-2010-5298).
341 */

--- 1472 unchanged lines hidden ---