[ejabberd] Memory use with SSL connections

Simon Josefsson simon at josefsson.org
Tue Jan 20 12:45:49 MSK 2009

Evgeniy Khramtsov <xramtsov at gmail.com> writes:

>>or might
>>one of the light libraries with flakey standards coverage (e.g.,
>>yassl) work well enough?
> OpenSSL has a very important benefit: it doesn't require socket
> descriptors to be passed to it's API functions. Other libraries
> (gnutls, yassl) need sockets to be passed to their functions
> (furthermore, sockets must be in blocking mode!!), but this is not
> acceptable in Erlang of course. At least I didn't see alternative
> libraries without this restriction.

That's not true, GnuTLS does not require that.  GnuTLS works fine with
non-blocking sockets.  You can also replace the socket operations with
your own push/pull functions, to complete avoid passing any socket to

For a minimal in-memory example of a TLS client+server implementation
without threads nor sockets using GnuTLS, see:


The API to use for setting your own push/pull functions are
gnutls_transport_set_push_function and

Hope this helps,

More information about the ejabberd mailing list