
connection_https: disabled back TCP_NODELAY optimisation

Evgeny Grin (Karlson2k), 4 years ago
Parent
Commit 2704ce9895
2 changed files with 16 additions and 8 deletions
  1. ChangeLog (+6, -0)
  2. src/microhttpd/connection_https.c (+10, -8)

+ 6 - 0
ChangeLog

@@ -1,3 +1,9 @@
+Sun 11 Apr 2021 15:44:00 MSK
+    Updated test TLS certificates to not expired modern versions, restored
+    HTTPS examples compatibility with modern browsers.
+    TCP_NODELAY is not pre-enabled for HTTPS connection as it actually
+    does not speed-up TLS handshakes on moders OSes. -EG
+
 Thu 01 Apr 2021 21:29:46 MSK
     Fixed MD5 digest authorization broken when compiled without variable
     length arrays support (notably with MSVC).
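
Review bot: The last line of the new ChangeLog entry has a typo, "moders OSes" should read "modern OSes", and "not expired modern versions" would read better as "current, non-expired versions". The entry also reports updated test TLS certificates and restored HTTPS example compatibility, while this commit touches only ChangeLog and src/microhttpd/connection_https.c; if those changes landed in other commits, saying so in the commit message would keep the history traceable.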

+ 10 - 8
src/microhttpd/connection_https.c

@@ -1,6 +1,7 @@
 /*
      This file is part of libmicrohttpd
      Copyright (C) 2007, 2008, 2010 Daniel Pittman and Christian Grothoff
+     Copyright (C) 2015-2021 Karlson2k (Evgeny Grin)
 
      This library is free software; you can redistribute it and/or
      modify it under the terms of the GNU Lesser General Public
@@ -24,6 +25,7 @@
  *         compiled if ENABLE_HTTPS is set.
  * @author Sagie Amir
  * @author Christian Grothoff
+ * @author Karlson2k (Evgeny Grin)
  */
 
 #include "internal.h"
@@ -108,16 +110,16 @@ MHD_run_tls_handshake_ (struct MHD_Connection *connection)
   if ((MHD_TLS_CONN_INIT == connection->tls_state) ||
       (MHD_TLS_CONN_HANDSHAKING == connection->tls_state))
   {
-    /* GnuTLS uses sendmsg() (when available) to send outgoing message
-     * by single system call therefore there is no need to wait for
-     * additional data after sendmsg(). TLS handshake requires several packets
-     * exchange so set TCP_NODELAY here to avoid delay before each outgoing
-     * packet is pushed to the network from kernel network buffers.
-     * As a drawback, this may result in a larger number of IP packet being
-     * send on platforms without sendmsg() support, but luckily such platforms
-     * are now rare and they don't provide best performance anyway. */
+#if 0
+    /* According to real-live testing, Nagel's Algorithm is not blocking
+     * partial packets on just connected sockets on modern OSes. As TLS setup
+     * is performed as the fist action upon socket connection, the next
+     * optimisation typically is not required. If any specific OS will
+     * require this optimization, it could be enabled by allowing the next
+     * lines for this specific OS. */
     if (_MHD_ON != connection->sk_nodelay)
       MHD_connection_set_nodelay_state_ (connection, true);
+#endif
     ret = gnutls_handshake (connection->tls_session);
     if (ret == GNUTLS_E_SUCCESS)
     {
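
Review bot: In MHD_run_tls_handshake_ the TCP_NODELAY call is parked under a bare `#if 0`, yet the new comment says it may need to be re-enabled for a specific OS. A named macro (for example a hypothetical MHD_TLS_HANDSHAKE_NODELAY, defined per platform) would let that be done from the build configuration instead of by editing the source, and would keep the disabled branch easy to find. The comment also needs spelling fixes: "Nagel's Algorithm" should be "Nagle's algorithm", "real-live" should be "real-life", and "fist action" should be "first action". Naming the systems that were tested would make the "modern OSes" claim possible to re-check later.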