Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-28764

SSL: align SSL record size with TCP maximum segment size

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Closed
    • Priority: P3: Somewhat important
    • Resolution: Invalid
    • Affects Version/s: None
    • Fix Version/s: 4.8.x, 5.1.0
    • Component/s: Network: SSL
    • Labels:
    • Technical Risk:
      Normal

      Description

      When sending many small SSL records, there might be too much overhead through
      the record headers; when sending big SSL records, they might be bigger than the
      maximum segment size (or even bigger than the TCP congestion window when uploading data).

      The former case is probably hard to control since especially in handshake phase
      we often only have small records to send, but for the latter case there might be packets spanning over 2-3 TCP segments, which we want to avoid because the server can only decrypt the packet once it has received all segments.

      Testing on Wifi on a BlackBerry 10, I found the negotiated maximum segment size to be 1380 bytes.
      So we could package our data into chunks to fit that size and feed that into
      the SSL_write call or whatever OpenSSL does.

      I also saw that servers send huge records of several thousand bytes, but I am
      afraid there is nothing we can do there.

        Attachments

          Issue Links

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

            Activity

              People

              Assignee:
              peter-har Peter Hartmann
              Reporter:
              peter-har Peter Hartmann
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Gerrit Reviews

                  There are no open Gerrit changes