That's a tremendous improvement over SSL compression enabled, SSL_MODE_RELEASE_BUFFERS disabled and a very welcome change.
- Mike -----Original Message----- From: mosquitto-users-bounces+michael.frisch=nuance....@lists.launchpad.net [mailto:mosquitto-users-bounces+michael.frisch=nuance....@lists.launchpad.net] On Behalf Of Roger Light Sent: Monday, November 26, 2012 12:31 PM To: mosquitto-users@lists.launchpad.net Subject: [Mosquitto-users] SSL memory usage Hi, I've just done some crude testing with massif (the valgrind heap profiling tool) and mosquitto in various configurations. I'm connecting 1000 mosquitto_sub clients, all subscribing to $SYS/#. I'm not controlling any timing of when things happen, so there will be some small differences across tests. Test 1: Mosquitto 1.0.5 without SSL. Peak memory usage hit 2.871MB. Test 2: 1.0.5 with SSL, no client certificates. Peak memory of 617.3MB. Test 3: Modified 1.0.5 with SSL compression disabled. Peak memory 41.93MB. Test 4: Modified test 3 with SSL_MODE_RELEASE_BUFFERS enabled as well. Peak memory of 11.49MB. Quite an improvement I think you'll agree. I'm planning on disabling SSL compression in version 1.1, with no option for enabling it. It makes a huge difference to memory usage and also mitigates against possible CRIME like attacks: http://arstechnica.com/security/2012/09/many-ways-to-break-ssl-with-crime-attacks-experts-warn/ I haven't found any background on the possible downsides to using SSL_MODE_RELEASE_BUFFERS so it is difficult to say but it seems like a good candidate for inclusion. Cheers, Roger -- Mailing list: https://launchpad.net/~mosquitto-users Post to : mosquitto-users@lists.launchpad.net Unsubscribe : https://launchpad.net/~mosquitto-users More help : https://help.launchpad.net/ListHelp -- Mailing list: https://launchpad.net/~mosquitto-users Post to : mosquitto-users@lists.launchpad.net Unsubscribe : https://launchpad.net/~mosquitto-users More help : https://help.launchpad.net/ListHelp
