daemon: use SSL_MODE_RELEASE_BUFFERS

author Eric Wong <e@80x24.org>

Mon, 24 Jun 2019 02:52:44 +0000 (02:52 +0000)

committer Eric Wong <e@80x24.org>

Mon, 24 Jun 2019 05:26:27 +0000 (05:26 +0000)
author Eric Wong <e@80x24.org>
Mon, 24 Jun 2019 02:52:44 +0000 (02:52 +0000)
committer Eric Wong <e@80x24.org>
Mon, 24 Jun 2019 05:26:27 +0000 (05:26 +0000)
diff --git a/lib/PublicInbox/Daemon.pm b/lib/PublicInbox/Daemon.pm

index 55103f40d068b94d6a0550f019e14d09ce4f3d24..c4481555d43e66a7065b21e39bce4648a5780c85 100644 (file)
--- a/lib/PublicInbox/Daemon.pm
+++ b/lib/PublicInbox/Daemon.pm
@@ -59,6 +59,16 @@ sub accept_tls_opt ($) {
         }
         my $ctx = IO::Socket::SSL::SSL_Context->new(%ctx_opt) or
                 die 'SSL_Context->new: '.PublicInbox::TLS::err();
+
+       # save ~34K per idle connection (cf. SSL_CTX_set_mode(3ssl))
+       # RSS goes from 346MB to 171MB with 10K idle NNTPS clients on amd64
+       # cf. https://rt.cpan.org/Ticket/Display.html?id=129463
+       my $mode = eval { Net::SSLeay::MODE_RELEASE_BUFFERS() };
+       if ($mode && $ctx->{context}) {
+               eval { Net::SSLeay::CTX_set_mode($ctx->{context}, $mode) };
+               warn "W: $@ (setting SSL_MODE_RELEASE_BUFFERS)\n" if $@;
+       }
+
         { SSL_server => 1, SSL_startHandshake => 0, SSL_reuse_ctx => $ctx };
  }
author	Eric Wong <e@80x24.org>
	Mon, 24 Jun 2019 02:52:44 +0000 (02:52 +0000)
committer	Eric Wong <e@80x24.org>
	Mon, 24 Jun 2019 05:26:27 +0000 (05:26 +0000)