On 17/12/2015 10:36, counterpoint wrote: > Thanks to Michael and Kurt for explanatory comments. > > Is there an available setting that gives the upper limit on the amount of > data that will be obtained by a single ssl_read()? > > The data stream is SQL requests, and often these are quite small, but they > can run to megabytes. I need to malloc a buffer for the data. If it is too > small, that will impose extra processing overheads in the rest of the > system. If it is too large, it will impose memory wastage on the rest of the > system. The system has an upper limit of 32 KB on the initial size of a > buffer for reading, but that is way above the typical SQL request. > > So, accepting that I can't set the size precisely, if there is a limit for > SSL data reads that is significantly lower than 32 KB then that might be a > feasible fixed buffer size. If that isn't possible, maybe it will have to > be a tunable configuration value. Any comments? The current SSL/TLS standards limits the per record data size to 16K exactly, see for example RFC5246 section 6.2.1. However the data you want in your (higher level) code probably has a completely different natural size limit/unit which may be larger and smaller. For SQL there is no natural limit however, unless your SQL parser happens to fail on statements above some arbitrary size. Enjoy and Merry Christmas Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com Transformervej 29, 2860 S?borg, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20151217/e31502e6/attachment-0001.html>
