Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
More precise calculate the maximum record size when using SslProvider… #6276
….OPENSSL* and so decrease mem usage.
We used ca 2k as maximum overhead for encrypted packets which is a lot more then what is needed in reality by OpenSSL. This could lead to the need of more memory.
Less memory usage.
By the way, at some point, BoringSSL will probably have some kind of in-place/buffer-free/BIO-free/bring-your-own-buffer/whatever-you-call-it API that should align much better with the wrap/unwrap thing you're doing.
(Although the first iteration is probably not going to be require contiguous buffers, so you'll probably still need to do some copying.)
@Scottmitch You should be able to save the copies in and out of the SSL stack's internal buffer? But I haven't looked very closely at your current code or the PR. Trying to mimic wrap/unwrap over
(To clarify, this is more a direction we're keeping in mind as we rework the stack thing rather than something you'll have available next week or anything.)