upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-03-27 04:43:08 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
bind9/lib/isc/netmgr
History
Artem Boldariev 20d5a805e2
TLS: improve framing by assembling DNS message in one buffer 
This commit improves TLS messages framing by avoiding an extra call to
SSL_write_ex(). Before that we would use an extra SSL_write_ex() call
to pass DNS message length to OpenSSL. That could create an extra TLS
frame, increasing number of bytes sent due to frame header and
padding.

This commit fixes that by making the code pass both DNS message length
and data at once, just like old TLS code did.

It should improve compatibility with some buggy clients that expect
both DNS message length and data to be in one TLS frame.

Older TLS DNS code worked like this, too.
2024-01-17 17:09:41 +02:00
..
http.c Avoid using sock->iface and sock->peer from the lower transport 2023-12-06 15:15:25 +02:00
netmgr-int.h Expose the TCP client count in statistics channel 2024-01-17 11:11:12 +03:00
netmgr.c Expose the TCP client count in statistics channel 2024-01-17 11:11:12 +03:00
proxystream.c Add PROXY over TLS support to PROXY Stream 2023-12-06 15:15:24 +02:00
proxyudp.c PROXYv2 over UDP transport 2023-12-06 15:15:25 +02:00
socket.c Cleanup the last Windows / MSC ifdefs and comments 2023-04-03 09:06:20 +00:00
streamdns.c Stream DNS: add PROXY over TLS support 2023-12-06 15:15:25 +02:00
tcp.c Expose the TCP client count in statistics channel 2024-01-17 11:11:12 +03:00
timer.c Update netmgr, tasks, and applications to use isc_loopmgr 2022-08-26 09:09:24 +02:00
tlsstream.c TLS: improve framing by assembling DNS message in one buffer 2024-01-17 17:09:41 +02:00
udp.c Ineffective DbC protections 2023-11-21 14:48:43 +11:00