sysadmin/ipxe
1
0
Fork 0
mirror of https://github.com/ipxe/ipxe synced 2025-12-25 00:17:57 +03:00
Code Issues Packages Projects Releases Wiki Activity

[tls] Request a maximum fragment length of 2048 bytes

Browse Source 
The default maximum plaintext fragment length for TLS is 16kB, which
is a substantial amount of memory for iPXE to have to allocate for a
temporary decryption buffer.

Reduce the memory footprint of TLS connections by requesting a maximum
fragment length of 2kB.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
This commit is contained in:
Michael Brown
2012-06-29 15:28:15 +01:00
parent ea61075c60
commit 9a8c6b00d4
2 changed files with 19 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/include/ipxe/tls.h
View File

@@ -89,10 +89,17 @@ struct tls_header {
/* TLS signature algorithm identifiers */
#define TLS_RSA_ALGORITHM 1
/* TLS extension types */
/* TLS server name extension */
#define TLS_SERVER_NAME 0
#define TLS_SERVER_NAME_HOST_NAME 0
/* TLS maximum fragment length extension */
#define TLS_MAX_FRAGMENT_LENGTH 1
#define TLS_MAX_FRAGMENT_LENGTH_512 1
#define TLS_MAX_FRAGMENT_LENGTH_1024 2
#define TLS_MAX_FRAGMENT_LENGTH_2048 3
#define TLS_MAX_FRAGMENT_LENGTH_4096 4
/** TLS RX state machine state */
enum tls_rx_state {
TLS_RX_HEADER = 0,