Hi Eric. 0001-MINOR-ssl-handshake-optimz-for-long-certificate-chai: works great! After applying this patch the full cert is sent in one RTT and without any extra pauses. [1] 0002-MINOR-ssl-Set-openssl-max_send_fragment-using-tune.s: I'm testing with / against openssl 1.0.1e, and it seems to work. Looking at the tcpdump, the packets look identical to previous runs without this patch. [2]
Any thoughts on dynamic sizing? ;) P.S. Great stuff, thanks for looking into this! [1] http://www.webpagetest.org/result/140201_2X_03511ec63344f442b81c24d2bf39f59d/3/details/ [2] http://www.webpagetest.org/result/140201_5D_67ac1ec2a4eec0bd84da3ee91a235ea5/5/details/ On Tue, Jan 28, 2014 at 7:31 AM, Emeric Brun <eb...@exceliance.fr> wrote: > On 01/28/2014 03:58 PM, Emeric Brun wrote: > >> >> Hi Ilya, >> >> >>> >>> Ah, interesting. Doing a bit more digging on this end, I see >>> "SSL_set_max_send_fragment", albeit that's from back in 2005. Is that >>> what you guys are looking at? >>> https://github.com/openssl/openssl/commit/566dda07ba16f9d3b9774fd5c8d526 >>> d7cc93f179 >>> >>> >> Yes, that's it! it appears in openssl 1.0.0. >> > > In attachment an other patch to test SSL_set_max_send_fragment. > > Regards, > Emeric > > > >