diff options
author | Jeremy Harris <jgh146exb@wizmail.org> | 2021-01-21 17:34:55 +0000 |
---|---|---|
committer | Jeremy Harris <jgh146exb@wizmail.org> | 2021-01-21 17:34:55 +0000 |
commit | 51ffcca6f1f6005c37c25144ed8b30f5e8a094e9 (patch) | |
tree | b8a3c96923dfb3fad6f41575647d65266d40a851 /test | |
parent | 0240e7a160721a53365aaa3bd10bb6f3de3f9f15 (diff) |
Avoid bare TCP ACKs during TLS-on-connect startup.
We can't get the QUICKACK turned off on the accepted socket fast enough to
stop the ACK for the ClientHello - but we get the rest, under OpenSSL.
Diffstat (limited to 'test')
-rw-r--r-- | test/scripts/1100-Basic-TLS/1160 | 25 | ||||
-rw-r--r-- | test/src/client.c | 7 |
2 files changed, 30 insertions, 2 deletions
diff --git a/test/scripts/1100-Basic-TLS/1160 b/test/scripts/1100-Basic-TLS/1160 index ce7298e47..e57867e1c 100644 --- a/test/scripts/1100-Basic-TLS/1160 +++ b/test/scripts/1100-Basic-TLS/1160 @@ -4,8 +4,29 @@ # For GnuTLS, additionally run the daemon under sudo. # Tell wireshark to use DIR/spool/sslkeys for Master Secret log, and decode TCP/1225 as TLS, TLS/1225 as SMTP # -# sudo exim -DSERVER=server -d+tls -bd -oX PORT_D -exim -DSERVER=server -bd -oX PORT_D +# We get (TLS1.3 , OpenSSL): +# SYN > +# < SYN,ACK +# ACK > +# Client Hello > +# < Server Hello, Change Ciph, Extensions, Cert, Cert Verify, Finished +# Change Ciph,Finsh > +# < Banner +# EHLO > +# < EHLO resp +# MAIL,RCPT,DATA > +# < ACK,ACK,DATA-go-ahead +# +# GnuTLS splits both the server records and the client response pair over two TCP segments: +# Client Hello > +# < Server Hello, Change Ciph +# Change Ciph > +# < Extensins, Cert, Cert Verify, Finished +# Finished > +# (otherwise the same). The extra segments are piplined and do not incur an extra roundtrip time. +# +# exim -DSERVER=server -bd -oX PORT_D +sudo exim -DSERVER=server -d+tls -bd -oX PORT_D **** exim CALLER@test.ex Test message. Contains FF: ÿ diff --git a/test/src/client.c b/test/src/client.c index 9190af068..9beaf25bb 100644 --- a/test/src/client.c +++ b/test/src/client.c @@ -1234,6 +1234,13 @@ if (rc < 0) exit(85); } +#ifdef TCP_QUICKACK + { + int off = 0; + (void) setsockopt(srv.sock, IPPROTO_TCP, TCP_QUICKACK, US &off, sizeof(off)); + } +#endif + printf("connected\n"); |