Mercurial > hg > nginx-quic
comparison src/event/ngx_event_openssl.c @ 5003:82234f3f5ca2
SSL: speedup loading of configs with many ssl servers.
The patch saves one EC_KEY_generate_key() call per server{} block by
informing OpenSSL about SSL_OP_SINGLE_ECDH_USE we are going to use before
the SSL_CTX_set_tmp_ecdh() call.
For a configuration file with 10k simple server{} blocks with SSL enabled
this change reduces startup time from 18s to 5s on a slow test box here.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Wed, 09 Jan 2013 14:11:48 +0000 |
| parents | f2e450929c1f |
| children | 0ea36741bb35 |
comparison
equal
deleted
inserted
replaced
| 5002:39c597272c8d | 5003:82234f3f5ca2 |
|---|---|
| 641 ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0, | 641 ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0, |
| 642 "Unable to create curve \"%s\"", name->data); | 642 "Unable to create curve \"%s\"", name->data); |
| 643 return NGX_ERROR; | 643 return NGX_ERROR; |
| 644 } | 644 } |
| 645 | 645 |
| 646 SSL_CTX_set_options(ssl->ctx, SSL_OP_SINGLE_ECDH_USE); | |
| 647 | |
| 646 SSL_CTX_set_tmp_ecdh(ssl->ctx, ecdh); | 648 SSL_CTX_set_tmp_ecdh(ssl->ctx, ecdh); |
| 647 | |
| 648 SSL_CTX_set_options(ssl->ctx, SSL_OP_SINGLE_ECDH_USE); | |
| 649 | 649 |
| 650 EC_KEY_free(ecdh); | 650 EC_KEY_free(ecdh); |
| 651 #endif | 651 #endif |
| 652 #endif | 652 #endif |
| 653 | 653 |