NetBSD-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Hundreds of crypto file descriptors for Apache httpd
noloader%gmail.com@localhost (Jeffrey Walton) writes:
>sideways. OpenSSL is supposed to open the device once and share it
>internally. From the head notes of engines/e_devcrypto.c:
>$ cat engines/e_devcrypto.c
>...
>/*
> * ONE global file descriptor for all sessions. This allows operations
> * such as digest session data copying (see digest_copy()), but is also
> * saner... why re-open /dev/crypto for every session?
That's not exactly the same. The engine shares the same descriptor for
any number of SSL sessions, but if the engine is initialized once
per thread, then each thread opens a descriptor and shares it for the
SSL sessions created from that thread.
--
--
Michael van Elst
Internet: mlelstv%serpens.de@localhost
"A potential Snark may lurk in every tree."
Home |
Main Index |
Thread Index |
Old Index