From 59a2a787ee8702bfa6ffe93e634876a26825be93 Mon Sep 17 00:00:00 2001
From: Andy Green <andy@warmcat.com>
Date: Sat, 16 Mar 2019 10:17:28 +0800
Subject: [PATCH] openssl: try to reduce memory usage

---
 lib/tls/openssl/openssl-client.c | 4 ++++
 lib/tls/openssl/openssl-server.c | 3 ++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/lib/tls/openssl/openssl-client.c b/lib/tls/openssl/openssl-client.c
index 26db7a868..299c58ff4 100644
--- a/lib/tls/openssl/openssl-client.c
+++ b/lib/tls/openssl/openssl-client.c
@@ -406,6 +406,10 @@ lws_tls_client_create_vhost_context(struct lws_vhost *vh,
 	SSL_CTX_set_options(vh->tls.ssl_client_ctx,
 			    SSL_OP_CIPHER_SERVER_PREFERENCE);
 
+	SSL_CTX_set_mode(vh->tls.ssl_client_ctx,
+			 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
+			 SSL_MODE_RELEASE_BUFFERS);
+
 	if (info->ssl_client_options_set)
 		SSL_CTX_set_options(vh->tls.ssl_client_ctx,
 				    info->ssl_client_options_set);
diff --git a/lib/tls/openssl/openssl-server.c b/lib/tls/openssl/openssl-server.c
index 774a4cdbb..0562ebe1b 100644
--- a/lib/tls/openssl/openssl-server.c
+++ b/lib/tls/openssl/openssl-server.c
@@ -572,7 +572,8 @@ lws_tls_server_new_nonblocking(struct lws *wsi, lws_sockfd_type accept_fd)
 #endif
 #else
 
-	SSL_set_mode(wsi->tls.ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
+	SSL_set_mode(wsi->tls.ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
+				   SSL_MODE_RELEASE_BUFFERS);
 	bio = SSL_get_rbio(wsi->tls.ssl);
 	if (bio)
 		BIO_set_nbio(bio, 1); /* nonblocking */