From 975e24163ffe8cad1e1c559ddda77a00e174d6bc Mon Sep 17 00:00:00 2001
From: "nelsonb%netscape.com"
Date: Tue, 8 May 2001 23:12:34 +0000
Subject: [PATCH] Disable TCP Nagle delays on SSL sockets for NSS 3.3. Bug 67898. Modified Files: ssldef.c sslimpl.h sslsecur.c sslsock.c
---
 security/nss/lib/ssl/ssldef.c | 9 ++++++++-
 security/nss/lib/ssl/sslimpl.h | 7 +++++--
 security/nss/lib/ssl/sslsecur.c | 8 +++++++-
 security/nss/lib/ssl/sslsock.c | 17 ++++++++++++++++-
 4 files changed, 36 insertions(+), 5 deletions(-)
diff --git a/security/nss/lib/ssl/ssldef.c b/security/nss/lib/ssl/ssldef.c
index 78e683df8526..454772c00f87 100644
--- a/security/nss/lib/ssl/ssldef.c
+++ b/security/nss/lib/ssl/ssldef.c
@@ -32,7 +32,7 @@
 * may use your version of this file under either the MPL or the
 * GPL.
 *
- * $Id: ssldef.c,v 1.3 2001/03/16 23:26:03 nelsonb%netscape.com Exp $
+ * $Id: ssldef.c,v 1.4 2001/05/08 23:12:29 nelsonb%netscape.com Exp $
 */
 #include "cert.h"
@@ -108,6 +108,13 @@ int ssl_DefSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
 PRFileDesc *lower = ss->fd->lower;
 int rv, count;
+ /* Although this is overkill, we disable Nagle delays completely for
+ ** SSL sockets.
+ */
+ if (ss->useSecurity && !ss->delayDisabled) {
+ ssl_EnableNagleDelay(ss, PR_FALSE); /* ignore error */
+ ss->delayDisabled = 1;
+ }
 count = 0;
 for (;;) {
 rv = lower->methods->send(lower, (const void *)buf, len,
diff --git a/security/nss/lib/ssl/sslimpl.h b/security/nss/lib/ssl/sslimpl.h
index 46547758e041..8784c44bed22 100644
--- a/security/nss/lib/ssl/sslimpl.h
+++ b/security/nss/lib/ssl/sslimpl.h
@@ -34,7 +34,7 @@
 * may use your version of this file under either the MPL or the
 * GPL.
 *
- * $Id: sslimpl.h,v 1.12 2001/04/11 00:29:18 nelsonb%netscape.com Exp $
+ * $Id: sslimpl.h,v 1.13 2001/05/08 23:12:31 nelsonb%netscape.com Exp $
 */
 #ifndef __sslimpl_h_
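Review bot: In ssl_DefSend the new block sets `ss->delayDisabled = 1` whether or not `ssl_EnableNagleDelay` succeeded, so a failed setsocketoption is never retried and never reported; ssl_SecureClose in sslsecur.c repeats the same lines, there without even the "ignore error" remark. If that is the intent (for instance so a lower layer that rejects the option is asked only once), the comment should say so, e.g. `/* Best effort: mark as attempted even on failure so the lower layer is asked only once. */`, and the call is clearer as `(void) ssl_EnableNagleDelay(ss, PR_FALSE);`. The block also overrides whatever PR_SockOpt_NoDelay value the application had set on the socket, which is worth stating in the same comment. ssl_DefSend's body continues outside the hunk.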
@@ -268,7 +268,7 @@ struct sslSocketStr {
 unsigned int enableTLS : 1;
 unsigned int clientAuthRequested: 1;
 unsigned int noCache : 1;
- unsigned int fdx : 1; /* simultaneous read/write threads */
+ unsigned int fdx : 1; /* simultaneous R/W threads */
 unsigned int v2CompatibleHello : 1; /* Send v3+ client hello in v2 format */
 unsigned int detectRollBack : 1; /* Detect rollback to SSL v3 */
 unsigned int firstHsDone : 1; /* first handshake is complete. */
@@ -277,6 +277,7 @@ struct sslSocketStr {
 unsigned int lastWriteBlocked : 1;
 unsigned int TCPconnected : 1;
 unsigned int handshakeBegun : 1;
+ unsigned int delayDisabled : 1; /* Nagle delay disabled */
 /* version of the protocol to use */
 SSL3ProtocolVersion version;
@@ -1056,6 +1057,8 @@ extern PRBool ssl_SocketIsBlocking(sslSocket *ss);
 extern void ssl_SetAlwaysBlock(sslSocket *ss);
+extern SECStatus ssl_EnableNagleDelay(sslSocket *ss, PRBool enabled);
+ #define SSL_LOCK_READER(ss) if (ss->recvLock) PZ_Lock(ss->recvLock)
 #define SSL_UNLOCK_READER(ss) if (ss->recvLock) PZ_Unlock(ss->recvLock)
 #define SSL_LOCK_WRITER(ss) if (ss->sendLock) PZ_Lock(ss->sendLock)
diff --git a/security/nss/lib/ssl/sslsecur.c b/security/nss/lib/ssl/sslsecur.c
index dce27274e604..174eaa5c8537 100644
--- a/security/nss/lib/ssl/sslsecur.c
+++ b/security/nss/lib/ssl/sslsecur.c
@@ -32,7 +32,7 @@
 * may use your version of this file under either the MPL or the
 * GPL.
 *
- * $Id: sslsecur.c,v 1.10 2001/03/31 02:49:59 nelsonb%netscape.com Exp $
+ * $Id: sslsecur.c,v 1.11 2001/05/08 23:12:32 nelsonb%netscape.com Exp $
 */
 #include "cert.h"
 #include "secitem.h"
@@ -935,6 +935,12 @@ ssl_SecureClose(sslSocket *ss)
 !ss->recvdCloseNotify && (ss->ssl3 != NULL)) {
+ /* We don't want the final alert to be Nagle delayed. */
+ if (!ss->delayDisabled) {
+ ssl_EnableNagleDelay(ss, PR_FALSE);
+ ss->delayDisabled = 1;
+ }
+ (void) SSL3_SendAlert(ss, alert_warning, close_notify);
 }
 rv = ssl_DefClose(ss);
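Review bot: The new `delayDisabled` bit in struct sslSocketStr is written from the send path (ssl_DefSend) and the close path (ssl_SecureClose), and as a one-bit field it shares a storage unit with neighbours such as `handshakeBegun` and `lastWriteBlocked`. The `fdx` comment in the same struct says read and write threads may run simultaneously, so unless every writer of these bits holds a common lock, the read-modify-write can lose an update to a neighbouring flag. None of the hunks shows which lock covers the flag, so this needs confirming against the callers; if none does, a separate non-bit-field member avoids the shared word. The comment would also be more accurate as `/* Nagle disable attempted (set even if it failed) */`, since both call sites set the bit without checking the result.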
diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c
index 90ed23f82ff0..1c7bb5019078 100644
--- a/security/nss/lib/ssl/sslsock.c
+++ b/security/nss/lib/ssl/sslsock.c
@@ -35,7 +35,7 @@
 * may use your version of this file under either the MPL or the
 * GPL.
 *
- * $Id: sslsock.c,v 1.16 2001/04/26 21:53:11 nelsonb%netscape.com Exp $
+ * $Id: sslsock.c,v 1.17 2001/05/08 23:12:34 nelsonb%netscape.com Exp $
 */
 #include "seccomon.h"
 #include "cert.h"
@@ -213,6 +213,7 @@ ssl_DupSocket(sslSocket *os)
 ss->fdx = os->fdx;
 ss->v2CompatibleHello = os->v2CompatibleHello;
 ss->detectRollBack = os->detectRollBack;
+ ss->peerID = !os->peerID ? NULL : PORT_Strdup(os->peerID);
 ss->url = !os->url ? NULL : PORT_Strdup(os->url);
@@ -398,6 +399,20 @@ ssl_FreeSocket(sslSocket *ss)
 }
 /************************************************************************/
+SECStatus
+ssl_EnableNagleDelay(sslSocket *ss, PRBool enabled)
+{
+ PRFileDesc * osfd = ss->fd->lower;
+ int rv;
+ PRSocketOptionData opt;
+
+ opt.option = PR_SockOpt_NoDelay;
+ opt.value.no_delay = (PRBool)!enabled;
+
+ rv = osfd->methods->setsocketoption(osfd, &opt);
+
+ return rv;
+}
 static void ssl_ChooseOps(sslSocket *ss)
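Review bot: ssl_EnableNagleDelay is declared to return SECStatus but returns the `int rv` that holds the result of `setsocketoption`, an NSPR status, so it is only correct while the two enumerations use the same numbers for success and failure. An explicit conversion removes that dependency: declare `PRStatus rv;` and end with `return (rv == PR_SUCCESS) ? SECSuccess : SECFailure;`. The function has no header comment and dereferences `ss->fd->lower` unchecked while being called from ssl_SecureClose. A short comment should state that the lower layer must still be attached and that `enabled == PR_FALSE` turns PR_SockOpt_NoDelay on.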