diff options
author | Tianjia Zhang <tianjia.zhang@linux.alibaba.com> | 2020-03-13 11:24:05 +0800 |
---|---|---|
committer | Paul Yang <kaishen.yy@antfin.com> | 2020-04-01 19:13:25 +0800 |
commit | cd81ac7be309881b282ce517f902d211a26d8b42 (patch) | |
tree | bc0454408012fdd926edd1ec0e7196c3bdc414a7 /doc/man1/openssl-s_server.pod.in | |
parent | 96ebe52e897dea29664683e138877fb5eb995e4d (diff) |
apps: support sendfile in s_server when ktls enabled
When the -WWW or -HTTP option is specified, s_server can choose
to use SSL_sendfile to transmit the file requested by client
with KTLS is enabled, taking full advantage of the performance
advantages of Kernel TLS, and adding the '-sendfile' command
line parameter to control this behavior.
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11318)
Diffstat (limited to 'doc/man1/openssl-s_server.pod.in')
-rw-r--r-- | doc/man1/openssl-s_server.pod.in | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/doc/man1/openssl-s_server.pod.in b/doc/man1/openssl-s_server.pod.in index 9a5ef10d0a..0fd22d4689 100644 --- a/doc/man1/openssl-s_server.pod.in +++ b/doc/man1/openssl-s_server.pod.in @@ -124,6 +124,7 @@ B<openssl> B<s_server> [B<-nextprotoneg> I<val>] [B<-use_srtp> I<val>] [B<-alpn> I<val>] +[B<-sendfile>] [B<-keylogfile> I<outfile>] [B<-recv_max_early_data> I<int>] [B<-max_early_data> I<int>] @@ -152,6 +153,8 @@ B<openssl> B<s_server> =for openssl ifdef ssl3 tls1 tls1_1 tls1_2 tls1_3 dtls mtu dtls1 dtls1_2 +=for openssl ifdef sendfile + =head1 DESCRIPTION This command implements a generic SSL/TLS server which @@ -613,6 +616,12 @@ Protocol names are printable ASCII strings, for example "http/1.1" or "spdy/3". The flag B<-nextprotoneg> cannot be specified if B<-tls1_3> is used. +=item B<-sendfile> + +If this option is set and KTLS is enabled, SSL_sendfile() will be used +instead of BIO_write() to send the HTTP response requested by a client. +This option is only valid if B<-WWW> or B<-HTTP> is specified. + =item B<-keylogfile> I<outfile> Appends TLS secrets to the specified keylog file such that external programs |