[gnutls-devel] GnuTLS | Improved estimation of wait in gnutls_session_get_data2 (!936)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Tue Mar 19 15:02:30 CET 2019
Hubert Kario started a new discussion on lib/session.c:
> }
>
> if (vers->tls13_sem && !(session->internals.hsk_flags & HSK_TICKET_RECEIVED)) {
> - /* wait for a message with timeout of 1ms */
> - ret = _gnutls_recv_in_buffers(session, GNUTLS_APPLICATION_DATA, -1, 50);
> + unsigned ertt = session->internals.ertt;
> + /* use our estimation of round-trip + some time for the server to calculate
> + * the value(s). */
> + ertt += 100;
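Review bot: the bare `100` in `ertt += 100;` carries no unit and no named constant, and the comment above it does not say how the margin was chosen. The removed lines show how this drifts: their comment said "timeout of 1ms" while the call passed 50. Consider a named constant with the unit stated next to it, and document the resulting worst-case wait for gnutls_session_get_data2, since the wait is now meant to be the round-trip estimate plus this fixed margin.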
100 ms is a long time; I don't think we should delay the connection for this much.
If it is necessary for old applications to handle the upgrade to TLS 1.3 transparently, I think there should be an opt-out for applications that do plan to use `gnutls_handshake_set_hook_function()` to get explicit notifications when the tickets are ready.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/936#note_152015014