summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
authorJeremy Harris <jgh146exb@wizmail.org>2021-01-21 17:34:55 +0000
committerJeremy Harris <jgh146exb@wizmail.org>2021-01-21 17:34:55 +0000
commit51ffcca6f1f6005c37c25144ed8b30f5e8a094e9 (patch)
treeb8a3c96923dfb3fad6f41575647d65266d40a851 /test
parent0240e7a160721a53365aaa3bd10bb6f3de3f9f15 (diff)
Avoid bare TCP ACKs during TLS-on-connect startup.
We can't get the QUICKACK turned off on the accepted socket fast enough to stop the ACK for the ClientHello - but we get the rest, under OpenSSL.
Diffstat (limited to 'test')
-rw-r--r--test/scripts/1100-Basic-TLS/116025
-rw-r--r--test/src/client.c7
2 files changed, 30 insertions, 2 deletions
diff --git a/test/scripts/1100-Basic-TLS/1160 b/test/scripts/1100-Basic-TLS/1160
index ce7298e47..e57867e1c 100644
--- a/test/scripts/1100-Basic-TLS/1160
+++ b/test/scripts/1100-Basic-TLS/1160
@@ -4,8 +4,29 @@
# For GnuTLS, additionally run the daemon under sudo.
# Tell wireshark to use DIR/spool/sslkeys for Master Secret log, and decode TCP/1225 as TLS, TLS/1225 as SMTP
#
-# sudo exim -DSERVER=server -d+tls -bd -oX PORT_D
-exim -DSERVER=server -bd -oX PORT_D
+# We get (TLS1.3 , OpenSSL):
+# SYN >
+# < SYN,ACK
+# ACK >
+# Client Hello >
+# < Server Hello, Change Ciph, Extensions, Cert, Cert Verify, Finished
+# Change Ciph,Finsh >
+# < Banner
+# EHLO >
+# < EHLO resp
+# MAIL,RCPT,DATA >
+# < ACK,ACK,DATA-go-ahead
+#
+# GnuTLS splits both the server records and the client response pair over two TCP segments:
+# Client Hello >
+# < Server Hello, Change Ciph
+# Change Ciph >
+# < Extensins, Cert, Cert Verify, Finished
+# Finished >
+# (otherwise the same). The extra segments are piplined and do not incur an extra roundtrip time.
+#
+# exim -DSERVER=server -bd -oX PORT_D
+sudo exim -DSERVER=server -d+tls -bd -oX PORT_D
****
exim CALLER@test.ex
Test message. Contains FF: ÿ
diff --git a/test/src/client.c b/test/src/client.c
index 9190af068..9beaf25bb 100644
--- a/test/src/client.c
+++ b/test/src/client.c
@@ -1234,6 +1234,13 @@ if (rc < 0)
exit(85);
}
+#ifdef TCP_QUICKACK
+ {
+ int off = 0;
+ (void) setsockopt(srv.sock, IPPROTO_TCP, TCP_QUICKACK, US &off, sizeof(off));
+ }
+#endif
+
printf("connected\n");