SHA256
1
0
forked from pool/postfix
postfix/postfix-ssl-release-buffers.patch
Michael Ströder 505c9a6190 Accepting request 896790 from home:darix:playground
This is work in progress:

Do not accept yet

How do we plan to handle the section from the RELEASE_NOTES about the internal process updates?

https://de.postfix.org/ftpmirror/official/postfix-3.6.0.RELEASE_NOTES

do we just hope that the restart will be fast enough?

OBS-URL: https://build.opensuse.org/request/show/896790
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=413
2021-06-02 10:12:35 +00:00

32 lines
971 B
Diff

Index: src/tls/tls_client.c
===================================================================
--- src/tls/tls_client.c.orig
+++ src/tls/tls_client.c
@@ -693,6 +693,11 @@ TLS_APPL_STATE *tls_client_init(const TL
SSL_CTX_set_security_level(client_ctx, 0);
#endif
+#ifdef SSL_MODE_RELEASE_BUFFERS
+ /* Keep memory usage as low as possible */
+ SSL_CTX_set_mode(client_ctx, SSL_MODE_RELEASE_BUFFERS);
+#endif
+
/*
* See the verify callback in tls_verify.c
*/
Index: src/tls/tls_server.c
===================================================================
--- src/tls/tls_server.c.orig
+++ src/tls/tls_server.c
@@ -439,6 +439,10 @@ TLS_APPL_STATE *tls_server_init(const TL
SSL_CTX_set_security_level(sni_ctx, 0);
#endif
+#ifdef SSL_MODE_RELEASE_BUFFERS
+ /* Keep memory usage as low as possible */
+ SSL_CTX_set_mode(server_ctx, SSL_MODE_RELEASE_BUFFERS);
+#endif
/*
* See the verify callback in tls_verify.c
*/