Next: , Previous: , Up: Setting up the transport layer   [Contents][Index]

6.5.2 Reducing round-trips

The full TLS 1.2 handshake requires 2 round-trips to complete, and when combined with TCP’s SYN and SYN-ACK negotiation it extends to 3 full round-trips. While, TLS 1.3 reduces that to two round-trips when under TCP, it still adds considerable latency, making the protocol unsuitable for certain applications.

To optimize the handshake latency, in client side, it is possible to take advantage of the TCP fast open [RFC7413] mechanism on operating systems that support it. That can be done either by manually crafting the push and pull callbacks, or by utilizing gnutls_transport_set_fastopen. In that case the initial TCP handshake is eliminated, reducing the TLS 1.2 handshake round-trip to 2, and the TLS 1.3 handshake to a single round-trip. Note, that when this function is used, any connection failures will be reported during the gnutls_handshake function call with error code GNUTLS_E_PUSH_ERROR.

Function: void gnutls_transport_set_fastopen (gnutls_session_t session, int fd, struct sockaddr * connect_addr, socklen_t connect_addrlen, unsigned int flags)

session: is a gnutls_session_t type.

fd: is the session’s socket descriptor

connect_addr: is the address we want to connect to

connect_addrlen: is the length of connect_addr

flags: must be zero

Enables TCP Fast Open (TFO) for the specified TLS client session. That means that TCP connection establishment and the transmission of the first TLS client hello packet are combined. The peer’s address must be specified in connect_addr and connect_addrlen , and the socket specified by fd should not be connected.

TFO only works for TCP sockets of type AF_INET and AF_INET6. If the OS doesn’t support TCP fast open this function will result to gnutls using connect() transparently during the first write.

Note: This function overrides all the transport callback functions. If this is undesirable, TCP Fast Open must be implemented on the user callback functions without calling this function. When using this function, transport callbacks must not be set, and gnutls_transport_set_ptr() or gnutls_transport_set_int() must not be called.

On GNU/Linux TFO has to be enabled at the system layer, that is in /proc/sys/net/ipv4/tcp_fastopen, bit 0 has to be set.

This function has no effect on server sessions.

Since: 3.5.3

When restricted to TLS 1.2, and non-resumed sessions, it is possible to further reduce the round-trips to a single one by taking advantage of the False Start TLS extension. This can be enabled by setting the GNUTLS_ENABLE_FALSE_START flag on gnutls_init.

Under TLS 1.3, the server side can start transmitting before the handshake is complete (i.e., while the client Finished message is still in flight), when no client certificate authentication is requested. This, unlike false start, is part of protocol design with no known security implications. It can be enabled by setting the GNUTLS_ENABLE_EARLY_START on gnutls_init, and the gnutls_handshake function will return early, allowing the server to send data earlier.

Next: , Previous: , Up: Setting up the transport layer   [Contents][Index]