Repository: trafficserver Updated Branches: refs/heads/master 974a267fb -> ff2c28f02
[TS-2503]: Add 16K as upper limit for ssl.max_record_size setting Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/ff2c28f0 Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/ff2c28f0 Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/ff2c28f0 Branch: refs/heads/master Commit: ff2c28f028ac1ea7bd95ec50dcbea5ff53e7f1df Parents: 974a267 Author: Sudheer Vinukonda <[email protected]> Authored: Tue Oct 28 16:28:38 2014 +0000 Committer: Sudheer Vinukonda <[email protected]> Committed: Tue Oct 28 16:28:38 2014 +0000 ---------------------------------------------------------------------- doc/reference/configuration/records.config.en.rst | 7 +++++-- mgmt/RecordsConfig.cc | 2 +- 2 files changed, 6 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/ff2c28f0/doc/reference/configuration/records.config.en.rst ---------------------------------------------------------------------- diff --git a/doc/reference/configuration/records.config.en.rst b/doc/reference/configuration/records.config.en.rst index ca30055..7b94f92 100644 --- a/doc/reference/configuration/records.config.en.rst +++ b/doc/reference/configuration/records.config.en.rst @@ -2165,8 +2165,11 @@ SSL Termination This configuration specifies the maximum number of bytes to write into a SSL record when replying over a SSL session. In some circumstances this setting can improve response latency by reducing - buffering at the SSL layer. The default of ``0`` means to always - write all available data into a single SSL record. + buffering at the SSL layer. This setting can have a value between 0 + and 16383 (max TLS record size). + + The default of ``0`` means to always write all available data into + a single SSL record. A value of ``-1`` means TLS record size is dynamically determined. The strategy employed is to use small TLS records that fit into a single http://git-wip-us.apache.org/repos/asf/trafficserver/blob/ff2c28f0/mgmt/RecordsConfig.cc ---------------------------------------------------------------------- diff --git a/mgmt/RecordsConfig.cc b/mgmt/RecordsConfig.cc index eae41ce..8eab182 100644 --- a/mgmt/RecordsConfig.cc +++ b/mgmt/RecordsConfig.cc @@ -1296,7 +1296,7 @@ RecordElement RecordsConfig[] = { , {RECT_CONFIG, "proxy.config.ssl.session_cache.skip_cache_on_bucket_contention", RECD_INT, "0", RECU_RESTART_TS, RR_NULL, RECC_NULL, NULL, RECA_NULL} , - {RECT_CONFIG, "proxy.config.ssl.max_record_size", RECD_INT, "0", RECU_DYNAMIC, RR_NULL, RECC_NULL, NULL, RECA_NULL} + {RECT_CONFIG, "proxy.config.ssl.max_record_size", RECD_INT, "0", RECU_DYNAMIC, RR_NULL, RECC_NULL, "[0-16383]", RECA_NULL} , {RECT_CONFIG, "proxy.config.ssl.session_cache.timeout", RECD_INT, "0", RECU_DYNAMIC, RR_NULL, RECC_NULL, NULL, RECA_NULL} ,
