Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-28764

SSL: align SSL record size with TCP maximum segment size



    • Task
    • Status: Closed
    • P3: Somewhat important
    • Resolution: Invalid
    • None
    • 4.8.x, 5.1.0
    • Network: SSL


      When sending many small SSL records, there might be too much overhead through
      the record headers; when sending big SSL records, they might be bigger than the
      maximum segment size (or even bigger than the TCP congestion window when uploading data).

      The former case is probably hard to control since especially in handshake phase
      we often only have small records to send, but for the latter case there might be packets spanning over 2-3 TCP segments, which we want to avoid because the server can only decrypt the packet once it has received all segments.

      Testing on Wifi on a BlackBerry 10, I found the negotiated maximum segment size to be 1380 bytes.
      So we could package our data into chunks to fit that size and feed that into
      the SSL_write call or whatever OpenSSL does.

      I also saw that servers send huge records of several thousand bytes, but I am
      afraid there is nothing we can do there.


        Issue Links

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.



              peter-har Peter Hartmann
              peter-har Peter Hartmann
              0 Vote for this issue
              1 Start watching this issue



                Gerrit Reviews

                  There are no open Gerrit changes