-
-
Notifications
You must be signed in to change notification settings - Fork 9.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Why does OpenSSL 3.0-alpha5 use more memory for TLS handshake than OpenSSL 1.1.1f #13270
Comments
It is generally expected that openssl 3.0 will have a larger memory footprint than 1.1.1, due to the re-architecture and needing to keep around some level of legacy support for a transition period until the old APIs can be removed. |
@kaduk Thank you for your reply. |
When diverse crypto implementations are fetched from the providers, their diverse methods are created on the fly and cached internally. That will probably be a noticeable chunk of memory. However, that's expected to be a one time overhead, not a per-connection one. I'd like to know if you do, say, 1000 connections to the same address, are you seeing a 78% memory increase 1000 times, or just the first time (or possibly a very limited amount of times)? |
@levitte hi, levitte. |
Does this mean that the change of crypto library cause the increase of runtime memory in the first connection? |
Yes |
It's building some tables of function pointers. I am surprised it is noticeable. A malloc-trace or some such would help figure things out. |
@levitte Can i add feature options to reduce default provider to reduce the increase of runtime memory in the first connection,such as no-ec etc. |
Load the default provider is on the thread or a process?Load only once in a multi-thread? |
A similar question was answered at #13219 (comment) but I note that this is known to only regain part of the memory footprint in question.
I believe it is per-process. |
After load default provider, per-connection increase 1KB runtime memory, is "struct ssl3_state_st *s3;" change in struct ssl_st cause it? |
I assume not. The structure itself is the same, it's just that in 3.0, it's included inside |
Hi,I want to know these questions.
Why does OpenSSL 3.0-alpha5 use more memory than OpenSSL 1.1.1f when use SSL_connect function for TLS handshake?
What code/features changes caused it?
How to reduce memory to the same as OpenSSL 1.1.1f?
Thanks in advance.
The text was updated successfully, but these errors were encountered: