Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-40393

Disable SSL_MODE_RELEASE_BUFFERS in ASIO

    • Fully Compatible
    • v4.0, v3.6, v3.4
    • Security 2019-04-08
    • 0

      We should disable the use of SSL_MODE_RELEASE_BUFFERS in ASIO in MongoDB.

      According to https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_mode.html, SSL_MODE_RELEASE_BUFFERS :

      SSL_MODE_RELEASE_BUFFERS
      When we no longer need a read buffer or a write buffer for a given SSL, then release the memory we were using to hold it. Using this flag can save around 34k per idle SSL connection. This flag has no effect on SSL v2 connections, or on DTLS connections.

       If we have 30k idle connections, that works out to 1 GB of data. 

       

            Assignee:
            mark.benvenuto@mongodb.com Mark Benvenuto
            Reporter:
            david.daly@mongodb.com David Daly (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            9 Start watching this issue

              Created:
              Updated:
              Resolved: