Coalesce the final Finished message in the SSL handshake and the first

record of application data into a single write, when possible, to avoid TCP's "Nagle" delays. Fixes bug 67898. r&a: wtc. Modified Files: ssl3con.c sslimpl.h sslsecur.c sslsock.c
2001-02-07 00:34:56 +00:00 · 2001-02-07 00:34:56 +00:00 · 4207bb1bdb
--- a/security/nss/lib/ssl/ssl3con.c
+++ b/security/nss/lib/ssl/ssl3con.c
@ -32,7 +32,7 @@
 * may use your version of this file under either the MPL or the
 * GPL.
 *
- * $Id: ssl3con.c,v 1.15 2001/01/30 21:02:23 wtc%netscape.com Exp $
+ * $Id: ssl3con.c,v 1.16 2001/02/07 00:34:54 nelsonb%netscape.com Exp $
 */

 #include "nssrenam.h"
@ -6460,19 +6460,22 @@ ssl3_HandleFinished(sslSocket *ss, SSL3Opaque *b, PRUint32 length,

    if ((isServer && !ssl3->hs.isResuming) ||
 	(!isServer && ssl3->hs.isResuming)) {
+	PRInt32 flags = 0;

 	rv = ssl3_SendChangeCipherSpecs(ss);
 	if (rv != SECSuccess) {
 	    goto xmit_loser;	/* err is set. */
 	}
-	/* XXX Right here, if we knew, somehow, that this thread was in
-	** SSL_SecureSend (trying to write some data) and we weren't going
-	** to step up, then we could set the ssl_SEND_FLAG_FORCE_INTO_BUFFER
-	** flag, so that the last two handshake messages
-	** (e.g. change cipher spec and finished) would get
-	** sent out in the same send/write call as the application data.
+	/* If this thread is in SSL_SecureSend (trying to write some data) 
+	** or if it is going to step up, 
+	** then set the ssl_SEND_FLAG_FORCE_INTO_BUFFER flag, so that the 
+	** last two handshake messages (change cipher spec and finished) 
+	** will be sent in the same send/write call as the application data.
 	*/
-	rv = ssl3_SendFinished(ss, 0);
+	if (doStepUp || ss->writerThread == PR_GetCurrentThread()) {
+	    flags = ssl_SEND_FLAG_FORCE_INTO_BUFFER;
+	}
+	rv = ssl3_SendFinished(ss, flags);
 	if (rv != SECSuccess) {
 	    goto xmit_loser;	/* err is set. */
 	}
--- a/security/nss/lib/ssl/sslimpl.h
+++ b/security/nss/lib/ssl/sslimpl.h
@ -33,7 +33,7 @@
 * may use your version of this file under either the MPL or the
 * GPL.
 *
- * $Id: sslimpl.h,v 1.8 2001/01/13 02:05:08 nelsonb%netscape.com Exp $
+ * $Id: sslimpl.h,v 1.9 2001/02/07 00:34:55 nelsonb%netscape.com Exp $
 */

 #ifndef __sslimpl_h_
@ -344,6 +344,8 @@ const unsigned char *  preferredCipher;
    */
    CERTCertDBHandle * dbHandle;

+    PRThread *  writerThread;   /* thread holds SSL_LOCK_WRITER lock */
+
    PRUint16	shutdownHow; 	/* See ssl_SHUTDOWN defines below. */

    PRUint16	allowedByPolicy;          /* copy of global policy bits. */
--- a/security/nss/lib/ssl/sslsecur.c
+++ b/security/nss/lib/ssl/sslsecur.c
@ -32,7 +32,7 @@
 * may use your version of this file under either the MPL or the
 * GPL.
 *
- * $Id: sslsecur.c,v 1.4 2001/01/18 16:36:41 wtc%netscape.com Exp $
+ * $Id: sslsecur.c,v 1.5 2001/02/07 00:34:55 nelsonb%netscape.com Exp $
 */
 #include "cert.h"
 #include "secitem.h"
@ -1020,6 +1020,7 @@ ssl_SecureRead(sslSocket *ss, unsigned char *buf, int len)
    return ssl_SecureRecv(ss, buf, len, 0);
 }

+/* Caller holds the SSL Socket's write lock. SSL_LOCK_WRITER(ss) */
 int
 ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
 {
@ -1053,6 +1054,8 @@ ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
 	return rv;
    }

+    if (len > 0) 
+    	ss->writerThread = PR_GetCurrentThread();
    /* If any of these is non-zero, the initial handshake is not done. */
    if (!ss->connected) {
 	ssl_Get1stHandshakeLock(ss);
@ -1062,13 +1065,16 @@ ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
 	ssl_Release1stHandshakeLock(ss);
    }
    if (rv < 0) {
+    	ss->writerThread = NULL;
 	return rv;
    }

    /* Check for zero length writes after we do housekeeping so we make forward
     * progress.
     */
-    if (len == 0) return 0;
+    if (len == 0) {
+    	return 0;
+    }
    PORT_Assert(buf != NULL);
    
    SSL_TRC(2, ("%d: SSL[%d]: SecureSend: sending %d bytes",
@ -1081,6 +1087,7 @@ ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
    ssl_GetXmitBufLock(ss);
    rv = (*sec->send)(ss, buf, len, flags);
    ssl_ReleaseXmitBufLock(ss);
+    ss->writerThread = NULL;
    return rv;
 }

--- a/security/nss/lib/ssl/sslsock.c
+++ b/security/nss/lib/ssl/sslsock.c
@ -34,7 +34,7 @@
 * may use your version of this file under either the MPL or the
 * GPL.
 *
- * $Id: sslsock.c,v 1.9 2001/01/13 02:05:09 nelsonb%netscape.com Exp $
+ * $Id: sslsock.c,v 1.10 2001/02/07 00:34:56 nelsonb%netscape.com Exp $
 */
 #include "seccomon.h"
 #include "cert.h"
@ -1770,6 +1770,7 @@ ssl_NewSocket(void)
 	ss->specLock           = NSSRWLock_New(SSL_LOCK_RANK_SPEC, NULL);
 	ss->recvBufLock        = PZ_NewMonitor(nssILockSSL);
 	ss->xmitBufLock        = PZ_NewMonitor(nssILockSSL);
+	ss->writerThread       = NULL;
 	if (ssl_lock_readers) {
 	    ss->recvLock       = PZ_NewLock(nssILockSSL);
 	    ss->sendLock       = PZ_NewLock(nssILockSSL);