[mod_openssl] ssl.read-ahead="disable" by default

set ssl.read-ahead = "disable" by default (modifies commit f4e1357d)

Given various reports from users of embedded systems, the default is
being changed to do the sane thing for these systems.  This is the
right setting on slow embedded systems for which decoding SSL input
is slower than receiving that input over the network.

On the other hand, for faster systems, ssl.read-ahead = "enable" is
recommended for a slight performance gain and should be explicitly set
in the global or $SERVER["socket"] configuration blocks in lighttpd.conf

  "https POST requests buffered in RAM since v1.4.41?"
This commit is contained in:
Glenn Strauss 2017-10-19 08:51:20 -04:00
parent 7f82ddab3f
commit 77bdaa3a93
1 changed files with 1 additions and 1 deletions

View File

@ -941,7 +941,7 @@ SETDEFAULTS_FUNC(mod_openssl_set_defaults)
s->ssl_verifyclient_export_cert = 0;
s->ssl_disable_client_renegotiation = 1;
s->ssl_read_ahead = (0 == i)
? !srv->config_storage[0]->stream_request_body
? 0
: p->config_storage[0]->ssl_read_ahead;
if (0 != i) buffer_copy_buffer(s->ssl_ca_crl_file, p->config_storage[0]->ssl_ca_crl_file);
if (0 != i) buffer_copy_buffer(s->ssl_ca_dn_file, p->config_storage[0]->ssl_ca_dn_file);