maskit commented on code in PR #12763:
URL: https://github.com/apache/trafficserver/pull/12763#discussion_r2624836286
##########
src/iocore/net/TLSBasicSupport.cc:
##########
@@ -72,6 +73,45 @@ TLSBasicSupport::clear()
{
this->_tls_handshake_begin_time = 0;
this->_tls_handshake_end_time = 0;
+ this->_tls_handshake_bytes_in = 0;
+ this->_tls_handshake_bytes_out = 0;
+}
+
+bool
+TLSBasicSupport::get_tls_handshake_bytes(uint64_t &bytes_in, uint64_t
&bytes_out)
+{
+ if (_tls_handshake_bytes_in > 0 || _tls_handshake_bytes_out > 0) {
+ bytes_in = _tls_handshake_bytes_in;
+ bytes_out = _tls_handshake_bytes_out;
+ return false;
+ }
+
+ SSL *ssl = this->_get_ssl_object();
+ if (ssl == nullptr) {
+ bytes_in = 0;
+ bytes_out = 0;
+ return false;
+ }
+
+ BIO *rbio = SSL_get_rbio(ssl);
+ BIO *wbio = SSL_get_wbio(ssl);
+
+ uint64_t bio_in = rbio ? BIO_number_read(rbio) : 0;
+ uint64_t bio_out = wbio ? BIO_number_written(wbio) : 0;
+
+ // Subtract early data (TLS 1.3 0-RTT) from incoming bytes
+ if (auto *early_data = TLSEarlyDataSupport::getInstance(ssl); early_data) {
+ size_t early_data_len = early_data->get_early_data_len();
+
+ if (early_data_len > 0 && bio_in > early_data_len) {
+ bio_in -= early_data_len;
Review Comment:
I don't think we should subtract the length of early data here. It's
inaccurate as the size of TLS handshake bytes, and we can do the math on the
caller side. The subtraction only makes sense where you want to avoid double
counting the size of HTTP requests.
Also I don't want the dependency for TLSEarlyDataSuport here.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
