[openssl-dev] [openssl.org #4271] Enhancement Request: Support TCP Fast Open
Alessandro Ghedini via RT
rt at openssl.org
Mon Feb 8 23:48:25 UTC 2016
On Mon, Jan 25, 2016 at 06:24:55pm +0000, Sara Dickinson via RT wrote:
> Hi,
>
> I would like to request that support be added to OpenSSL to enable client applications to make use use of TCP Fast Open (https://tools.ietf.org/html/rfc7413 <https://tools.ietf.org/html/rfc7413>) when initiating the TLS handshake on Linux (TCP Fast Open is available in Linux kernel > 4.1).
>
> This was discussed in detail on the OpenSSL Users list:
> https://mta.openssl.org/pipermail/openssl-users/2016-January/002835.html <https://mta.openssl.org/pipermail/openssl-users/2016-January/002835.html>
I took a stab at implementing TFO support for OpenSSL on Linux and OS X at:
https://github.com/ghedo/openssl/commits/fast_open
This only works for the BIO_s_socket() BIO, but could probably be adapted to
BIO_s_connect() as well if needed.
However I'm not particularly happy with the implementation (it's fairly ugly),
and it would probably be easier to implement this on the application side by
overriding the "write" method of whatever BIO is used, instead of trying to
make OpenSSL do it directly.
Cheers
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4271
Please log in as guest with password guest if prompted
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160208/90b59d35/attachment.sig>
More information about the openssl-dev
mailing list