On Mon, Jan 25, 2016 at 06:24:55pm +0000, Sara Dickinson via RT wrote: > Hi, > > I would like to request that support be added to OpenSSL to enable client > applications to make use use of TCP Fast Open > (https://tools.ietf.org/html/rfc7413 <https://tools.ietf.org/html/rfc7413>) > when initiating the TLS handshake on Linux (TCP Fast Open is available in > Linux kernel > 4.1). > > This was discussed in detail on the OpenSSL Users list: > https://mta.openssl.org/pipermail/openssl-users/2016-January/002835.html > <https://mta.openssl.org/pipermail/openssl-users/2016-January/002835.html>
I took a stab at implementing TFO support for OpenSSL on Linux and OS X at: https://github.com/ghedo/openssl/commits/fast_open This only works for the BIO_s_socket() BIO, but could probably be adapted to BIO_s_connect() as well if needed. However I'm not particularly happy with the implementation (it's fairly ugly), and it would probably be easier to implement this on the application side by overriding the "write" method of whatever BIO is used, instead of trying to make OpenSSL do it directly. Cheers -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4271 Please log in as guest with password guest if prompted
signature.asc
Description: PGP signature
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
