[openssl-commits] [openssl] master update

Matt Caswell matt at openssl.org
Wed May 2 07:50:38 UTC 2018

The branch master has been updated
       via  6299c7a4020294582d9424cb8aaf439d2ff0da94 (commit)
      from  aebd0e5ca12d1ba0b229a4121a54afa5ea2d8aa1 (commit)

- Log -----------------------------------------------------------------
commit 6299c7a4020294582d9424cb8aaf439d2ff0da94
Author: Matt Caswell <matt at openssl.org>
Date:   Tue May 1 11:46:58 2018 +0100

    Add a note about Nagle's algorithm on the SSL_connect man page
    Fixes #4237
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Ben Kaduk <kaduk at mit.edu>
    (Merged from https://github.com/openssl/openssl/pull/6143)


Summary of changes:
 doc/man3/SSL_connect.pod | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/doc/man3/SSL_connect.pod b/doc/man3/SSL_connect.pod
index 1f054d6..5c9eff8 100644
--- a/doc/man3/SSL_connect.pod
+++ b/doc/man3/SSL_connect.pod
@@ -35,6 +35,21 @@ nothing is to be done, but select() can be used to check for the required
 condition. When using a buffering BIO, like a BIO pair, data must be written
 into or retrieved out of the BIO before being able to continue.
+Many systems implement Nagle's algorithm by default which means that it will
+buffer outgoing TCP data if a TCP packet has already been sent for which no
+corresponding ACK has been received yet from the peer. This can have performance
+impacts after a successful TLSv1.3 handshake or a successful TLSv1.2 (or below)
+resumption handshake, because the last peer to communicate in the handshake is
+the client. If the client is also the first to send application data (as is
+typical for many protocols) then this data could be buffered until an ACK has
+been received for the final handshake message.
+The B<TCP_NODELAY> socket option is often available to disable Nagle's
+algorithm. If an application opts to disable Nagle's algorithm consideration
+should be given to turning it back on again later if appropriate. The helper
+function BIO_set_tcp_ndelay() can be used to turn on or off the B<TCP_NODELAY>
 The following return values can occur:

More information about the openssl-commits mailing list