boringssl

History

David Benjamin 0afbcc05e6 Remove buffering out records from the next epoch. It was only ever enabled for handshake and alert messages. The comments cite renego as a use case though even then I'm not clear on why. The only use I see is if, say, the Finished message and ClientKeyExchange came in out-of-order. DTLS is unreliable so leaning on retransmit seems fine, and usually flights will be packed into one packet where possible. NSS doesn't have any such buffer and doesn't seem to have problems. The buffering mechanism is also rather dubious. It stows away the entire packet and read buffer---all 16K of it---and there may have been other records in that packet. Change-Id: Ic3b7bf817be380dc73102eec62c690ed093e6667 Reviewed-on: https://boringssl-review.googlesource.com/4238 Reviewed-by: Adam Langley <agl@google.com>	2015-04-06 20:51:24 +00:00
..
openssl	Remove buffering out records from the next epoch.	2015-04-06 20:51:24 +00:00

David Benjamin 0afbcc05e6 Remove buffering out records from the next epoch.

It was only ever enabled for handshake and alert messages. The comments cite
renego as a use case though even then I'm not clear on why. The only use I see
is if, say, the Finished message and ClientKeyExchange came in out-of-order.
DTLS is unreliable so leaning on retransmit seems fine, and usually flights
will be packed into one packet where possible. NSS doesn't have any such
buffer and doesn't seem to have problems.

The buffering mechanism is also rather dubious. It stows away the entire packet
and read buffer---all 16K of it---and there may have been other records in that
packet.

Change-Id: Ic3b7bf817be380dc73102eec62c690ed093e6667
Reviewed-on: https://boringssl-review.googlesource.com/4238
Reviewed-by: Adam Langley <agl@google.com>

2015-04-06 20:51:24 +00:00

openssl

Remove buffering out records from the next epoch.

2015-04-06 20:51:24 +00:00