Release TLS read and write buffers when idle

By default OpenSSL uses static large read/write buffers with TLS connections. For memcached instances with a lot of client connections this can quickly add up to gigabytes of memory. This options allows the buffers to release when the clients are idle.
author: Tharanga Gamaethige <tgamaethige@netflix.com> 2022-08-26 14:41:44 -0700
committer: dormando <dormando@rydia.net> 2022-08-26 15:37:55 -0700
commit: e31abc34f990e12efa57218a3b72d38969c6b142 (patch)
tree: 04fef28af6ba3f307a654bdef3a29c011d9db472 /tls.c
parent: 15ff009464a66c3cc7d5f767a51117874aac9731 (diff)
download: memcached-e31abc34f990e12efa57218a3b72d38969c6b142.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/tls.c b/tls.c
index 88320ab..3f1f6fa 100644
--- a/tls.c
+++ b/tls.c
@@ -228,6 +228,9 @@ int ssl_init(void) {
     SSL_CTX_set_options(settings.ssl_ctx, SSL_OP_NO_RENEGOTIATION);
 #endif
 
+    // Release TLS read/write buffers of idle connections
+    SSL_CTX_set_mode(settings.ssl_ctx, SSL_MODE_RELEASE_BUFFERS);
+
     return 0;
 }
author	Tharanga Gamaethige <tgamaethige@netflix.com>	2022-08-26 14:41:44 -0700
committer	dormando <dormando@rydia.net>	2022-08-26 15:37:55 -0700
commit	e31abc34f990e12efa57218a3b72d38969c6b142 (patch)
tree	04fef28af6ba3f307a654bdef3a29c011d9db472 /tls.c
parent	15ff009464a66c3cc7d5f767a51117874aac9731 (diff)
download	memcached-e31abc34f990e12efa57218a3b72d38969c6b142.tar.gz