:vpp-dev@lists.fd.io <mailto:vpp-dev@lists.fd.io>] On Behalf Of Yu,
> Ping
> Sent: Thursday, July 26, 2018 9:26 AM
> To: Florin Coras (fcoras) mailto:fco...@cisco.com>>;
> vpp-dev@lists.fd.io <mailto:vpp-dev@lists.fd.io>
> Cc: Yu, Ping mailto:ping...@intel.com>>
Coras (fcoras) ; vpp-dev@lists.fd.io
Cc: Yu, Ping
Subject: Re: [vpp-dev] tls init server is too heavy
That’s great. I will implement it and submit patch for this optimization.
Ping
From: Florin Coras (fcoras) [mailto:fco...@cisco.com]
Sent: Thursday, July 26, 2018 1:01 AM
To: Yu, Ping mailto:ping
That’s great. I will implement it and submit patch for this optimization.
Ping
From: Florin Coras (fcoras) [mailto:fco...@cisco.com]
Sent: Thursday, July 26, 2018 1:01 AM
To: Yu, Ping ; vpp-dev@lists.fd.io
Subject: Re: tls init server is too heavy
Hi Ping,
The plan you proposed sounds great, so
Hi Ping,
The plan you proposed sounds great, so definitely go for it! You’ll have to
find a place to store a pointer to the shared engine-generated context (i.e.,
ssl_ctx) in the generic listener context. If no obvious field is available,
maybe you can abuse the ctx_id since we still have space
Hello, Florin
In current TLS openssl implementation, in each accepted TLS session,
openssl_ctx_init_server needs to re-init ssl_ctx, and set key and certificate,
which actually is not necessary, and normally one-time initialization is good
enough. After I change this initialization to run only
