[gnutls-devel] TCP Fast Open

Tim Ruehsen tim.ruehsen at gmx.de
Wed Jul 13 13:09:59 CEST 2016


On Wednesday, July 13, 2016 9:28:28 AM CEST Nikos Mavrogiannopoulos wrote:
> On Tue, Jul 12, 2016 at 5:33 PM, Tim Ruehsen <tim.ruehsen at gmx.de> wrote:
> > Hi,
> > I just wanted to mention that I recently added TFO in Wget2 using GnuTLS
> > (tested on Linux, speedup ~ 1xRTT).
> 
> Hi Tim,
>  That sounds great. Did you combine that with other optimizations such
> as session resumption and false start?

My solution would work for both, but I didn't implement these optimizations - 
I simply wasn't aware of them. Thanks for pointing that out, I'll investigate...

> > Is there any interest in a gnutls_ helper function ?
> 
> Certainly. I have not a good overview of the changes required, but as
> I understand from your description we would have to handle the
> connect()/sendmsg() steps within gnutls and its callbacks. As you have
> a better overview, I'd suggest that you make a proposal on what you
> think is the simplest.

We need addr/addrlen in addition to the socket descriptor before the first 
write. Both would be stored best within the 'session' structure. We also would 
need a helper flag to indicate if a write is the first one or not.

> > What I do now is setting my own vec_push function + transport pointer.
> > In the vec_push function I use sendmsg() with MSG_FASTOPEN and fallback to
> > connect/writev on errno=EOPNOTSUPP (oops, just see that I didn't test the
> > fallback yet). At this point we need the sockaddr + sockaddrlen of the
> > socket descriptor.
> > 
> > From here on I set the vec_push function and the transport pointer 'back to
> > normal', which is writev and a socket descriptor.
> > 
> > If there is interest, what would be the best place to add a function for
> > this ?
> > It should be something like
> > gnutls_transport_set_int_tfo(tcp->ssl_session, tcp->sockfd, sockaddr *addr,
> > socklen_t *addrlen);
> 
> That sounds reasonable.

I'll see if I find some time this afternoon to implement a show case to test 
with (function + usage in gnutls-cli).

> 
> > Or is there any way to retrieve addr/addrlen from the socket descriptor ?

> As far as I know you can get these from already connected sockets.

If the socket is already connected, the time for TFO is already over :-)
I couldn't find/remember a way to set the destination address without a 
connect() or sendto()/sendmsg(). If we had such a possibility, we would just 
need a function to switch TFO on/off for a session.

Tim
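
The first-write logic discussed in this message, as an added example that is not code from Wget2, GnuTLS or either poster. It is a push callback with the same argument shape as a GnuTLS vec_push function that sends the first record with sendmsg() and MSG_FASTOPEN and falls back to connect()/writev() on EOPNOTSUPP. The names `struct tfo_transport` and `tfo_vec_push` are hypothetical, and a blocking Linux TCP socket is assumed.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <string.h>
#include <unistd.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <sys/uio.h>

#ifndef MSG_FASTOPEN
#define MSG_FASTOPEN 0x20000000 /* Linux value, for older libc headers */
#endif

/* Hypothetical state kept beside the descriptor until the first write. */
struct tfo_transport {
    int fd;                        /* unconnected TCP socket */
    struct sockaddr_storage addr;  /* destination, needed before the first write */
    socklen_t addrlen;
    int connected;                 /* the "is this the first write" flag */
    int used_fallback;             /* set when the kernel refused MSG_FASTOPEN */
};

/* Argument shape of a vec_push callback: transport pointer, iovec array, count. */
ssize_t tfo_vec_push(void *ptr, const struct iovec *iov, int iovcnt)
{
    struct tfo_transport *t = ptr;

    if (!t->connected) {
        struct msghdr hdr;
        memset(&hdr, 0, sizeof hdr);
        hdr.msg_name = &t->addr;
        hdr.msg_namelen = t->addrlen;
        hdr.msg_iov = (struct iovec *)iov;
        hdr.msg_iovlen = iovcnt;

        ssize_t n = sendmsg(t->fd, &hdr, MSG_FASTOPEN); /* connect + send in one call */
        if (n >= 0) { t->connected = 1; return n; }
        if (errno != EOPNOTSUPP)
            return -1;
        /* TFO not available: ordinary connect, then fall through to writev */
        t->used_fallback = 1;
        if (connect(t->fd, (struct sockaddr *)&t->addr, t->addrlen) < 0)
            return -1;
        t->connected = 1;
    }
    return writev(t->fd, iov, iovcnt);
}
```

With a non-blocking socket the first sendmsg() can fail with EINPROGRESS, which a real callback would have to report to the TLS layer as a retryable condition.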