diff options
| author | Nagendra Modadugu <ngm@google.com> | 2009-10-06 15:52:53 -0700 |
|---|---|---|
| committer | Nagendra Modadugu <ngm@google.com> | 2009-10-06 15:52:53 -0700 |
| commit | 76297e9e9cc3acfd6e85453aef4780f4561301bd (patch) | |
| tree | 537d7d532f680f2eb893f1977930b64bd48b332f /x-net | |
| parent | bd5b03c2a1a88e95af6c72ae0f88a2db9dded0b2 (diff) | |
| download | libcore-76297e9e9cc3acfd6e85453aef4780f4561301bd.zip libcore-76297e9e9cc3acfd6e85453aef4780f4561301bd.tar.gz libcore-76297e9e9cc3acfd6e85453aef4780f4561301bd.tar.bz2 | |
Enable SMALL_BUFFERS and HANDSHAKE_CUTTHROUGH for SSL connections.
Diffstat (limited to 'x-net')
| -rw-r--r-- | x-net/src/main/native/org_apache_harmony_xnet_provider_jsse_OpenSSLSocketImpl.cpp | 32 |
1 files changed, 21 insertions, 11 deletions
diff --git a/x-net/src/main/native/org_apache_harmony_xnet_provider_jsse_OpenSSLSocketImpl.cpp b/x-net/src/main/native/org_apache_harmony_xnet_provider_jsse_OpenSSLSocketImpl.cpp index 2e1adb1..8f046ce 100644 --- a/x-net/src/main/native/org_apache_harmony_xnet_provider_jsse_OpenSSLSocketImpl.cpp +++ b/x-net/src/main/native/org_apache_harmony_xnet_provider_jsse_OpenSSLSocketImpl.cpp @@ -1011,6 +1011,27 @@ static void org_apache_harmony_xnet_provider_jsse_OpenSSLSocketImpl_init(JNIEnv* */ SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_NONE, NULL); + int mode = SSL_CTX_get_mode(ssl_ctx); + /* + * Turn on "partial write" mode. This means that SSL_write() will + * behave like Posix write() and possibly return after only + * writing a partial buffer. Note: The alternative, perhaps + * surprisingly, is not that SSL_write() always does full writes + * but that it will force you to retry write calls having + * preserved the full state of the original call. (This is icky + * and undesirable.) + */ + mode |= SSL_MODE_ENABLE_PARTIAL_WRITE; +#ifdef SSL_MODE_SMALL_BUFFERS + mode |= SSL_MODE_SMALL_BUFFERS; /* lazily allocate record buffers; usually saves + * 44k over the default */ +#endif +#ifdef SSL_MODE_HANDSHAKE_CUTTHROUGH + mode |= SSL_MODE_HANDSHAKE_CUTTHROUGH; /* enable sending of client data as soon as + * ClientCCS and ClientFinished are sent */ +#endif + SSL_CTX_set_mode(ssl_ctx, mode); + if (privatekey != NULL) { BIO* privatekeybio = stringToMemBuf(env, (jstring) privatekey); EVP_PKEY* privatekeyevp = @@ -1114,17 +1135,6 @@ static jboolean org_apache_harmony_xnet_provider_jsse_OpenSSLSocketImpl_connect( fd = jniGetFDFromFileDescriptor(env, fdObject); - /* - * Turn on "partial write" mode. This means that SSL_write() will - * behave like Posix write() and possibly return after only - * writing a partial buffer. Note: The alternative, perhaps - * surprisingly, is not that SSL_write() always does full writes - * but that it will force you to retry write calls having - * preserved the full state of the original call. (This is icky - * and undesirable.) - */ - SSL_set_mode(ssl, SSL_MODE_ENABLE_PARTIAL_WRITE); - ssl_session = (SSL_SESSION *) session; ret = SSL_set_fd(ssl, fd); |