wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 04:04:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added new session cache size. Added options for Fortress build.

Browse Source
This commit is contained in:
John Safranek
2012-03-12 10:31:45 -07:00
parent 3744e2122f
commit d7ef83d1b3
3 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
configure.ac
View File

@@ -186,7 +186,7 @@ AC_ARG_ENABLE(fortress,
if test "$ENABLED_FORTRESS" = "yes" if test "$ENABLED_FORTRESS" = "yes"
then then
AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA -DCYASSL_DES_ECB -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DCYASSL_DER_LOAD" AM_CFLAGS="$AM_CFLAGS -DFORTRESS -DBIG_SESSION_CACHE -DOPENSSL_EXTRA -DCYASSL_DES_ECB -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DCYASSL_DER_LOAD"
fi fi

4
cyassl/internal.h
View File

@@ -356,7 +356,11 @@ enum Misc {
MAX_PSK_ID_LEN = 128, /* max psk identity/hint supported */ MAX_PSK_ID_LEN = 128, /* max psk identity/hint supported */
MAX_PSK_KEY_LEN = 64, /* max psk key supported */ MAX_PSK_KEY_LEN = 64, /* max psk key supported */
#ifdef FORTRESS
MAX_CHAIN_DEPTH = 9, /* max cert chain peer depth, FORTRESS option */
#else
MAX_CHAIN_DEPTH = 4, /* max cert chain peer depth */ MAX_CHAIN_DEPTH = 4, /* max cert chain peer depth */
#endif
MAX_X509_SIZE = 2048, /* max static x509 buffer size */ MAX_X509_SIZE = 2048, /* max static x509 buffer size */
CERT_MIN_SIZE = 256, /* min PEM cert size with header/footer */ CERT_MIN_SIZE = 256, /* min PEM cert size with header/footer */
MAX_FILENAME_SZ = 256, /* max file name length */ MAX_FILENAME_SZ = 256, /* max file name length */

9
src/ssl.c
View File

@@ -530,8 +530,10 @@ int AddCA(CYASSL_CTX* ctx, buffer der, int type)
/* basic config gives a cache with 33 sessions, adequate for clients and /* basic config gives a cache with 33 sessions, adequate for clients and
embedded servers embedded servers
BIG_SESSION_CACHE allows 1055 sessions, adequate for servers that aren't MEDIUM_SESSION_CACHE allows 1055 sessions, adequate for servers that
under heavy load, basically allows 200 new sessions per minute aren't under heavy load, basically allows 200 new sessions per minute
BIG_SESSION_CACHE yields 20,0027 sessions
HUGE_SESSION_CACHE yields 65,791 sessions, for servers under heavy load, HUGE_SESSION_CACHE yields 65,791 sessions, for servers under heavy load,
allows over 13,000 new sessions per minute or over 200 new sessions per allows over 13,000 new sessions per minute or over 200 new sessions per
@@ -545,6 +547,9 @@ int AddCA(CYASSL_CTX* ctx, buffer der, int type)
#define SESSIONS_PER_ROW 11 #define SESSIONS_PER_ROW 11
#define SESSION_ROWS 5981 #define SESSION_ROWS 5981
#elif defined(BIG_SESSION_CACHE) #elif defined(BIG_SESSION_CACHE)
#define SESSIONS_PER_ROW 7
#define SESSION_ROWS 2861
#elif defined(MEDIUM_SESSION_CACHE)
#define SESSIONS_PER_ROW 5 #define SESSIONS_PER_ROW 5
#define SESSION_ROWS 211 #define SESSION_ROWS 211
#elif defined(SMALL_SESSION_CACHE) #elif defined(SMALL_SESSION_CACHE)