Added new session cache size. Added options for Fortress build.

2012-03-12 10:31:45 -07:00 · 2012-03-12 10:31:45 -07:00 · d7ef83d1b3
commit d7ef83d1b3
parent 3744e2122f
3 changed files with 12 additions and 3 deletions
--- a/configure.ac
+++ b/configure.ac
@ -186,7 +186,7 @@ AC_ARG_ENABLE(fortress,

 if test "$ENABLED_FORTRESS" = "yes"
 then
-    AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA -DCYASSL_DES_ECB -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DCYASSL_DER_LOAD"
+    AM_CFLAGS="$AM_CFLAGS -DFORTRESS -DBIG_SESSION_CACHE -DOPENSSL_EXTRA -DCYASSL_DES_ECB -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DCYASSL_DER_LOAD"
 fi


--- a/cyassl/internal.h
+++ b/cyassl/internal.h
@ -356,7 +356,11 @@ enum Misc {
    MAX_PSK_ID_LEN     = 128,  /* max psk identity/hint supported */
    MAX_PSK_KEY_LEN    =  64,  /* max psk key supported */

+#ifdef FORTRESS
+    MAX_CHAIN_DEPTH    =   9,  /* max cert chain peer depth, FORTRESS option */
+#else
    MAX_CHAIN_DEPTH    =   4,  /* max cert chain peer depth */
+#endif
    MAX_X509_SIZE      = 2048, /* max static x509 buffer size */
    CERT_MIN_SIZE      =  256, /* min PEM cert size with header/footer */
    MAX_FILENAME_SZ    =  256, /* max file name length */
--- a/src/ssl.c
+++ b/src/ssl.c
@ -530,8 +530,10 @@ int AddCA(CYASSL_CTX* ctx, buffer der, int type)
    /* basic config gives a cache with 33 sessions, adequate for clients and
       embedded servers

-       BIG_SESSION_CACHE allows 1055 sessions, adequate for servers that aren't
-       under heavy load, basically allows 200 new sessions per minute
+       MEDIUM_SESSION_CACHE allows 1055 sessions, adequate for servers that
+       aren't under heavy load, basically allows 200 new sessions per minute
+
+       BIG_SESSION_CACHE yields 20,0027 sessions

       HUGE_SESSION_CACHE yields 65,791 sessions, for servers under heavy load,
       allows over 13,000 new sessions per minute or over 200 new sessions per
@ -545,6 +547,9 @@ int AddCA(CYASSL_CTX* ctx, buffer der, int type)
        #define SESSIONS_PER_ROW 11
        #define SESSION_ROWS 5981
    #elif defined(BIG_SESSION_CACHE)
+        #define SESSIONS_PER_ROW 7
+        #define SESSION_ROWS 2861
+    #elif defined(MEDIUM_SESSION_CACHE)
        #define SESSIONS_PER_ROW 5
        #define SESSION_ROWS 211
    #elif defined(SMALL_SESSION_CACHE)