Author: sf
Date: Sat Oct  1 19:48:14 2011
New Revision: 1178079

URL: http://svn.apache.org/viewvc?rev=1178079&view=rev
Log:
If MaxMemFree is set, set SSL_MODE_RELEASE_BUFFERS in mod_ssl.
Always set SSL_MODE_RELEASE_BUFFERS in ab.

PR: 51618
Submitted by: Cristian Rodríguez <crrodriguez opensuse org>, Stefan Fritsch

Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/modules/ssl/ssl_engine_init.c
    httpd/httpd/trunk/support/ab.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1178079&r1=1178078&r2=1178079&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Sat Oct  1 19:48:14 2011
@@ -12,6 +12,10 @@ Changes with Apache 2.3.15
      PR 51714. [Stefan Fritsch, Jim Jagielski, Ruediger Pluem, Eric Covener,
      <lowprio20 gmail.com>]
 
+  *) mod_ssl: If MaxMemFree is set, ask OpenSSL >= 1.0.0 to reduce memory
+     usage.  PR 51618. [Cristian Rodr�guez <crrodriguez opensuse org>,
+     Stefan Fritsch]
+
   *) mod_ssl: At startup, when checking a server certificate whether it
      matches the configured ServerName, also take dNSName entries in the
      subjectAltName extension into account. PR 32652, PR 47051. [Kaspar Brand]

Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_init.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_init.c?rev=1178079&r1=1178078&r2=1178079&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_init.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_init.c Sat Oct  1 19:48:14 2011
@@ -27,6 +27,7 @@
                                   see Recursive.''
                                         -- Unknown   */
 #include "ssl_private.h"
+#include "mpm_common.h"
 
 /*  _________________________________________________________________
 **
@@ -574,6 +575,12 @@ static void ssl_init_ctx_protocol(server
      */
     SSL_CTX_set_options(ctx, SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
 #endif
+
+#ifdef SSL_MODE_RELEASE_BUFFERS
+    /* If httpd is configured to reduce mem usage, ask openssl to do so, too */
+    if (ap_max_mem_free != APR_ALLOCATOR_MAX_FREE_UNLIMITED)
+        SSL_CTX_set_mode(ctx, SSL_MODE_RELEASE_BUFFERS);
+#endif
 }
 
 static void ssl_init_ctx_session_cache(server_rec *s,

Modified: httpd/httpd/trunk/support/ab.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/support/ab.c?rev=1178079&r1=1178078&r2=1178079&view=diff
==============================================================================
--- httpd/httpd/trunk/support/ab.c (original)
+++ httpd/httpd/trunk/support/ab.c Sat Oct  1 19:48:14 2011
@@ -2288,6 +2288,10 @@ int main(int argc, const char * const ar
         exit(1);
     }
     SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL);
+#ifdef SSL_MODE_RELEASE_BUFFERS
+    /* Keep memory usage as low as possible */
+    SSL_CTX_set_mode (ssl_ctx, SSL_MODE_RELEASE_BUFFERS);
+#endif
     if (ssl_cipher != NULL) {
         if (!SSL_CTX_set_cipher_list(ssl_ctx, ssl_cipher)) {
             fprintf(stderr, "error setting cipher list [%s]\n", ssl_cipher);