Mercurial > hg > nginx-quic
annotate auto/cc/ccc @ 5058:f25d0bbc4392 stable-1.2
Merge of r5004, r5019-r5025: ssl fixes.
*) SSL: speedup loading of configs with many ssl servers. The patch
saves one EC_KEY_generate_key() call per server{} block by informing
OpenSSL about SSL_OP_SINGLE_ECDH_USE we are going to use before
the SSL_CTX_set_tmp_ecdh() call.
For a configuration file with 10k simple server{} blocks with SSL
enabled this change reduces startup time from 18s to 5s on a slow
test box here.
*) SSL: removed conditions that always hold true.
*) SSL: resetting of flush flag after the data was written. There is
no need to flush next chunk of data if it does not contain a buffer
with the flush or last_buf flags set.
*) SSL: preservation of flush flag for buffered data. Previously,
if SSL buffer was not sent we lost information that the data
must be flushed.
*) SSL: calculation of buffer size moved closer to its usage.
No functional changes.
*) SSL: avoid calling SSL_write() with zero data size. According to
documentation, calling SSL_write() with num=0 bytes to be sent
results in undefined behavior.
We don't currently call ngx_ssl_send_chain() with empty chain and
buffer. This check handles the case of a chain with total data size
that is a multiple of NGX_SSL_BUFSIZE, and with the special buffer
at the end.
In practice such cases resulted in premature connection close and
critical error "SSL_write() failed (SSL:)" in the error log.
*) SSL: take into account data in the buffer while limiting output.
In some rare cases this can result in a more smooth sending rate.
*) SSL: fixed ngx_ssl_handshake() with level-triggered event methods.
Missing calls to ngx_handle_write_event() and ngx_handle_read_event()
resulted in a CPU hog during SSL handshake if an level-triggered event
method (e.g. select) was used.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Mon, 11 Feb 2013 15:12:06 +0000 |
parents | d620f497c50f |
children |
rev | line source |
---|---|
515 | 1 |
2 # Copyright (C) Igor Sysoev | |
4412 | 3 # Copyright (C) Nginx, Inc. |
515 | 4 |
5 | |
6 # Compaq C V6.5-207 | |
7 | |
8 ngx_include_opt="-I" | |
9 | |
10 # warnings | |
11 | |
12 CFLAGS="$CFLAGS -msg_enable level6 -msg_fatal level6" | |
13 | |
517 | 14 CFLAGS="$CFLAGS -msg_disable unknownmacro" |
15 CFLAGS="$CFLAGS -msg_disable unusedincl" | |
515 | 16 CFLAGS="$CFLAGS -msg_disable unnecincl" |
17 CFLAGS="$CFLAGS -msg_disable nestincl" | |
18 CFLAGS="$CFLAGS -msg_disable strctpadding" | |
19 CFLAGS="$CFLAGS -msg_disable ansialiascast" | |
20 CFLAGS="$CFLAGS -msg_disable inlinestoclsmod" | |
21 CFLAGS="$CFLAGS -msg_disable cxxkeyword" | |
22 CFLAGS="$CFLAGS -msg_disable longlongsufx" | |
517 | 23 CFLAGS="$CFLAGS -msg_disable valuepres" |
515 | 24 |
25 # STUB | |
26 CFLAGS="$CFLAGS -msg_disable truncintcast" | |
27 CFLAGS="$CFLAGS -msg_disable trunclongcast" | |
517 | 28 |
515 | 29 CFLAGS="$CFLAGS -msg_disable truncintasn" |
30 CFLAGS="$CFLAGS -msg_disable trunclongint" | |
31 CFLAGS="$CFLAGS -msg_disable intconcastsgn" | |
32 CFLAGS="$CFLAGS -msg_disable intconstsign" | |
517 | 33 CFLAGS="$CFLAGS -msg_disable switchlong" |
34 CFLAGS="$CFLAGS -msg_disable subscrbounds2" | |
35 | |
515 | 36 CFLAGS="$CFLAGS -msg_disable hexoctunsign" |
517 | 37 |
515 | 38 CFLAGS="$CFLAGS -msg_disable ignorecallval" |
39 CFLAGS="$CFLAGS -msg_disable nonstandcast" | |
40 CFLAGS="$CFLAGS -msg_disable embedcomment" | |
41 CFLAGS="$CFLAGS -msg_disable unreachcode" | |
42 CFLAGS="$CFLAGS -msg_disable questcompare2" | |
43 CFLAGS="$CFLAGS -msg_disable unusedtop" | |
44 CFLAGS="$CFLAGS -msg_disable unrefdecl" | |
517 | 45 |
515 | 46 CFLAGS="$CFLAGS -msg_disable bitnotint" |