|
@@ -541,7 +541,7 @@ modparam("tls", "ssl_freelist_max_len", 0)
|
|
|
Sets the maximum number of bytes (from the clear text) sent into
|
|
Sets the maximum number of bytes (from the clear text) sent into
|
|
|
one TLS record. Valid values are between 512 and 16384.
|
|
one TLS record. Valid values are between 512 and 16384.
|
|
|
Note however that even valid low values might not be big enough to
|
|
Note however that even valid low values might not be big enough to
|
|
|
- allow a succesfull handshake (try minimum 1024).
|
|
|
|
|
|
|
+ allow a successful handshake (try minimum 1024).
|
|
|
</para>
|
|
</para>
|
|
|
<para>
|
|
<para>
|
|
|
Lower values would lead to less memory usage, but values lower then
|
|
Lower values would lead to less memory usage, but values lower then
|
|
@@ -553,7 +553,7 @@ modparam("tls", "ssl_freelist_max_len", 0)
|
|
|
<note>
|
|
<note>
|
|
|
<para>
|
|
<para>
|
|
|
Values on the lower side, even if valid (> 512), might not allow
|
|
Values on the lower side, even if valid (> 512), might not allow
|
|
|
- for a succesfull initial handshake. This happens if the
|
|
|
|
|
|
|
+ for a successful initial handshake. This happens if the
|
|
|
certificate does not fit inside one send fragment.
|
|
certificate does not fit inside one send fragment.
|
|
|
Values lower then 1024 should not be used.
|
|
Values lower then 1024 should not be used.
|
|
|
Even with higher values, if the handshake fails,
|
|
Even with higher values, if the handshake fails,
|
|
@@ -717,7 +717,7 @@ modparam("tls", "ct_wq_max", 4194304)
|
|
|
<title><varname>ct_wq_blk_size</varname> (integer)</title>
|
|
<title><varname>ct_wq_blk_size</varname> (integer)</title>
|
|
|
<para>
|
|
<para>
|
|
|
Minimum block size for the internal clear-text send queues
|
|
Minimum block size for the internal clear-text send queues
|
|
|
- (debugging / advanced tunning).
|
|
|
|
|
|
|
+ (debugging / advanced tuning).
|
|
|
Good values are multiple of typical datagram sizes.
|
|
Good values are multiple of typical datagram sizes.
|
|
|
</para>
|
|
</para>
|
|
|
<para>
|
|
<para>
|
|
@@ -819,7 +819,7 @@ modparam("tls", "tls_debug", 10)
|
|
|
As of this writing this is not true for any OpenSSL version (including 0.9.8e).
|
|
As of this writing this is not true for any OpenSSL version (including 0.9.8e).
|
|
|
</para>
|
|
</para>
|
|
|
<para>
|
|
<para>
|
|
|
- If an ill-behaved OpenSSL version is detected, a very conservative value is choosed,
|
|
|
|
|
|
|
+ If an ill-behaved OpenSSL version is detected, a very conservative value is chosen,
|
|
|
which depends on the maximum possible number of simultaneously created TLS connections
|
|
which depends on the maximum possible number of simultaneously created TLS connections
|
|
|
(and hence on the process number).
|
|
(and hence on the process number).
|
|
|
</para>
|
|
</para>
|
|
@@ -873,7 +873,7 @@ modparam("tls", "low_mem_threshold1", -1)
|
|
|
As of this writing this is not true for any OpenSSL version (including 0.9.8e).
|
|
As of this writing this is not true for any OpenSSL version (including 0.9.8e).
|
|
|
</para>
|
|
</para>
|
|
|
<para>
|
|
<para>
|
|
|
- If an ill-behaved OpenSSL version is detected, a very conservative value is choosed,
|
|
|
|
|
|
|
+ If an ill-behaved OpenSSL version is detected, a very conservative value is chosen,
|
|
|
which depends on the maximum possible number of simultaneously created
|
|
which depends on the maximum possible number of simultaneously created
|
|
|
TLS connections (and hence on the process number).
|
|
TLS connections (and hence on the process number).
|
|
|
</para>
|
|
</para>
|
|
@@ -921,7 +921,7 @@ modparam("tls", "low_mem_threshold2", -1)
|
|
|
If enabled &kamailio; will start even if some of the OpenSSL sanity checks fail (turn it on at your own risk).
|
|
If enabled &kamailio; will start even if some of the OpenSSL sanity checks fail (turn it on at your own risk).
|
|
|
</para>
|
|
</para>
|
|
|
<para>
|
|
<para>
|
|
|
- If any of the following sanity checks fal, Kamailio will not start:
|
|
|
|
|
|
|
+ If any of the following sanity checks fail, Kamailio will not start:
|
|
|
</para>
|
|
</para>
|
|
|
<itemizedlist>
|
|
<itemizedlist>
|
|
|
<listitem>
|
|
<listitem>
|
Florian Floimair