Browse Source

lib: introduce `.setMaxSendFragment(size)`

fix #6889
v0.11.11-release
Fedor Indutny 11 years ago
parent
commit
7f9b01509f
  1. 12
      doc/api/tls.markdown
  2. 4
      lib/_tls_wrap.js
  3. 19
      src/node_crypto.cc
  4. 5
      src/node_crypto.h
  5. 72
      test/simple/test-tls-max-send-fragment.js

12
doc/api/tls.markdown

@ -634,6 +634,18 @@ has been established.
ANOTHER NOTE: When running as the server, socket will be destroyed
with an error after `handshakeTimeout` timeout.
### tlsSocket.setMaxSendFragment(size)
Set maximum TLS fragment size (default and maximum value is: `16384`, minimum
is: `512`). Returns `true` on success, `false` otherwise.
Smaller fragment size decreases buffering latency on the client: large
fragments are buffered by the TLS layer until the entire fragment is received
and its integrity is verified; large fragments can span multiple roundtrips,
and their processing can be delayed due to packet loss or reordering. However,
smaller fragments add extra TLS framing bytes and CPU overhead, which may
decrease overall server throughput.
### tlsSocket.address()
Returns the bound address, the address family name and port of the

4
lib/_tls_wrap.js

@ -303,6 +303,10 @@ TLSSocket.prototype.renegotiate = function(options, callback) {
return true;
};
TLSSocket.prototype.setMaxSendFragment = function setMaxSendFragment(size) {
return this.ssl.setMaxSendFragment(size) == 1;
};
TLSSocket.prototype._handleTimeout = function() {
this._tlsError(new Error('TLS handshake timeout'));
};

19
src/node_crypto.cc

@ -857,6 +857,10 @@ void SSLWrap<Base>::AddMethods(Handle<FunctionTemplate> t) {
NODE_SET_PROTOTYPE_METHOD(t, "renegotiate", Renegotiate);
NODE_SET_PROTOTYPE_METHOD(t, "shutdown", Shutdown);
#ifdef SSL_set_max_send_fragment
NODE_SET_PROTOTYPE_METHOD(t, "setMaxSendFragment", SetMaxSendFragment);
#endif // SSL_set_max_send_fragment
#ifdef OPENSSL_NPN_NEGOTIATED
NODE_SET_PROTOTYPE_METHOD(t, "getNegotiatedProtocol", GetNegotiatedProto);
NODE_SET_PROTOTYPE_METHOD(t, "setNPNProtocols", SetNPNProtocols);
@ -1240,6 +1244,21 @@ void SSLWrap<Base>::Shutdown(const FunctionCallbackInfo<Value>& args) {
}
#ifdef SSL_set_max_send_fragment
template <class Base>
void SSLWrap<Base>::SetMaxSendFragment(
const v8::FunctionCallbackInfo<v8::Value>& args) {
HandleScope scope(node_isolate);
CHECK(args.Length() >= 1 && args[0]->IsNumber());
Base* w = Unwrap<Base>(args.This());
int rv = SSL_set_max_send_fragment(w->ssl_, args[0]->Int32Value());
args.GetReturnValue().Set(rv);
}
#endif // SSL_set_max_send_fragment
template <class Base>
void SSLWrap<Base>::IsInitFinished(const FunctionCallbackInfo<Value>& args) {
HandleScope scope(node_isolate);

5
src/node_crypto.h

@ -188,6 +188,11 @@ class SSLWrap {
static void Renegotiate(const v8::FunctionCallbackInfo<v8::Value>& args);
static void Shutdown(const v8::FunctionCallbackInfo<v8::Value>& args);
#ifdef SSL_set_max_send_fragment
static void SetMaxSendFragment(
const v8::FunctionCallbackInfo<v8::Value>& args);
#endif // SSL_set_max_send_fragment
#ifdef OPENSSL_NPN_NEGOTIATED
static void GetNegotiatedProto(
const v8::FunctionCallbackInfo<v8::Value>& args);

72
test/simple/test-tls-max-send-fragment.js

@ -0,0 +1,72 @@
// Copyright Joyent, Inc. and other Node contributors.
//
// Permission is hereby granted, free of charge, to any person obtaining a
// copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to permit
// persons to whom the Software is furnished to do so, subject to the
// following conditions:
//
// The above copyright notice and this permission notice shall be included
// in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
if (!process.versions.openssl) {
console.error('Skipping because node compiled without OpenSSL.');
process.exit(0);
}
var assert = require('assert');
var fs = require('fs');
var net = require('net');
var tls = require('tls');
var common = require('../common');
var buf = new Buffer(10000);
var received = 0;
var ended = 0;
var maxChunk = 768;
var server = tls.createServer({
key: fs.readFileSync(common.fixturesDir + '/keys/agent1-key.pem'),
cert: fs.readFileSync(common.fixturesDir + '/keys/agent1-cert.pem')
}, function(c) {
// Lower and upper limits
assert(!c.setMaxSendFragment(511));
assert(!c.setMaxSendFragment(16385));
// Correct fragment size
assert(c.setMaxSendFragment(maxChunk));
c.end(buf);
}).listen(common.PORT, function() {
var c = tls.connect(common.PORT, {
rejectUnauthorized: false
}, function() {
c.on('data', function(chunk) {
assert(chunk.length <= maxChunk);
received += chunk.length;
});
// Ensure that we receive 'end' event anyway
c.on('end', function() {
ended++;
c.destroy();
server.close();
});
});
});
process.on('exit', function() {
assert.equal(ended, 1);
assert.equal(received, buf.length);
});
Loading…
Cancel
Save