Feature #4672

[PATCH] openssl: enable SSL_MODE_RELEASE_BUFFERS if available

Added by normalperson (Eric Wong) over 9 years ago. Updated over 9 years ago.

Target version:


Available in OpenSSL 1.0.0a and later, this can save up to 34KB
per idle connection.

Using the test script below run with the time(1) command on 64-bit
Linux (needs /proc/$PID/status to grab VmRSS:)


conn_clients: 500
srv_clients: 500
VmRSS: 65428 kB
19.18user 1.86system 0:20.72elapsed 101%CPU (0avgtext+0avgdata 263952maxresident
0inputs+0outputs (0major+56932minor)pagefaults 0swaps


conn_clients: 500
srv_clients: 500

VmRSS: 19228 kB
19.41user 1.53system 0:20.64elapsed 101%CPU (0avgtext+0avgdata 77424maxresident)
0inputs+0outputs (0major+20845minor)pagefaults 0swaps

(test script attached)

You can also pull my change via git:

git clone git:// ssl-memory


0001-openssl-enable-SSL_MODE_RELEASE_BUFFERS-if-available.patch (2.75 KB) 0001-openssl-enable-SSL_MODE_RELEASE_BUFFERS-if-available.patch patch to enable SSL_MODE_RELEASE_BUFFERS normalperson (Eric Wong), 05/12/2011 04:05 PM
openssl_memory.rb (1.1 KB) openssl_memory.rb test script used to generate output normalperson (Eric Wong), 05/12/2011 04:05 PM

Updated by MartinBosslet (Martin Bosslet) over 9 years ago

  • Assignee set to nahi (Hiroshi Nakamura)

This patch seems reasonable. I looked at the implementation in OpenSSL (1.0.0d)
and it looks like using SSL_MODE_RELEASE_BUFFERS should not cause any problems.

Hiroshi, what do you think?


(PS: If you agree that we should apply this, please feel free to assign back to
me for application of this patch)

Updated by nahi (Hiroshi Nakamura) over 9 years ago

  • Status changed from Open to Assigned
  • Assignee changed from nahi (Hiroshi Nakamura) to MartinBosslet (Martin Bosslet)

Excellent result. It looks like a gift from Tor project. There's no reason I can imagine not to apply this. Please apply this.

I think it's OK to commit this w/o writing a test. :)


Updated by Anonymous over 9 years ago

  • Status changed from Assigned to Closed
  • % Done changed from 0 to 100

This issue was solved with changeset r32198.
Eric, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.

  • ext/openssl/ossl_ssl.c: Use SSL_MODE_RELEASE_BUFFERS if available. Thanks, Eric Wong, for providing the patch. [ Ruby 1.9 - Feature #4672 ] [ruby-core:36127]

Also available in: Atom PDF