[mod_openssl] ssl.read-ahead="disable" by default

set ssl.read-ahead = "disable" by default (modifies commit f4e1357d) Given various reports from users of embedded systems, the default is being changed to do the sane thing for these systems. This is the right setting on slow embedded systems for which decoding SSL input is slower than receiving that input over the network. On the other hand, for faster systems, ssl.read-ahead = "enable" is recommended for a slight performance gain and should be explicitly set in the global or $SERVER["socket"] configuration blocks in lighttpd.conf x-ref: "https POST requests buffered in RAM since v1.4.41?" https://redmine.lighttpd.net/boards/2/topics/7520
2017-10-19 08:51:20 -04:00 · 2017-10-19 08:51:20 -04:00 · 77bdaa3a93
parent 7f82ddab3f
commit 77bdaa3a93
1 changed files with 1 additions and 1 deletions
--- a/src/mod_openssl.c
+++ b/src/mod_openssl.c
@ -941,7 +941,7 @@ SETDEFAULTS_FUNC(mod_openssl_set_defaults)
        s->ssl_verifyclient_export_cert = 0;
        s->ssl_disable_client_renegotiation = 1;
        s->ssl_read_ahead = (0 == i)
-	  ? !srv->config_storage[0]->stream_request_body
+	  ? 0
 	  : p->config_storage[0]->ssl_read_ahead;
        if (0 != i) buffer_copy_buffer(s->ssl_ca_crl_file, p->config_storage[0]->ssl_ca_crl_file);
        if (0 != i) buffer_copy_buffer(s->ssl_ca_dn_file, p->config_storage[0]->ssl_ca_dn_file);