[vlc-devel] [PATCH] gnutls: disable False Start

Thomas Guillem thomas at gllm.fr
Thu Feb 21 19:10:25 CET 2019


Manual revert of c0e59decbfefab74dbe313da695249ad1af0de80

Here is how I understand the GnuTLS documentation about thread safety,
handshake and GNUTLS_ENABLE_FALSE_START:

cf. https://gnutls.org/manual/html_node/Thread-safety.html
"...care must be taken during key updates and re-handshakes to be handled only
by a single thread"

GNUTLS_ENABLE_FALSE_START causes the handshake to be delayed when receiving
data. However, the http module will receive data from another thread,
therefore the handshake won't be handled by only one thread.
---
 modules/misc/gnutls.c | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/modules/misc/gnutls.c b/modules/misc/gnutls.c
index def0727a17..cb7ac53bc2 100644
--- a/modules/misc/gnutls.c
+++ b/modules/misc/gnutls.c
@@ -234,9 +234,6 @@ static vlc_tls_gnutls_t *gnutls_SessionOpen(vlc_object_t *obj, int type,
     int val;
 
     type |= GNUTLS_NONBLOCK;
-#if (GNUTLS_VERSION_NUMBER >= 0x030500)
-    type |= GNUTLS_ENABLE_FALSE_START;
-#endif
 
     val = gnutls_init(&session, type);
     if (val != 0)
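Review bot: Missing documentation at `type |= GNUTLS_NONBLOCK;`: once the guarded `GNUTLS_ENABLE_FALSE_START` line is gone, nothing in the source records that False Start is left off on purpose, and since this is a manual revert of an earlier commit, the flag could easily be reintroduced later. Consider a short comment above the `gnutls_init(&session, type)` call stating the reason given in the commit message: with False Start the handshake can finish during a receive, and the http module receives from a different thread than the one that ran the handshake.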
@@ -355,8 +352,6 @@ static int gnutls_Handshake(vlc_tls_t *tls, char **restrict alp)
         msg_Dbg(obj, " - extended master secret (RFC7627) enabled");
     if (flags & GNUTLS_SFLAGS_ETM)
         msg_Dbg(obj, " - encrypt then MAC (RFC7366) enabled");
-    if (flags & GNUTLS_SFLAGS_FALSE_START)
-        msg_Dbg(obj, " - false start (RFC7918) enabled");
 #endif
 
     if (alp != NULL)
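Review bot: Style point on the removed `GNUTLS_SFLAGS_FALSE_START` check at the end of the session-flags debug block: with the init flag no longer requested this branch becomes dead code, so dropping it is consistent, but the commit message only argues for disabling the feature and does not mention the log change. A one-line note in the message that the `msg_Dbg(obj, " - false start (RFC7918) enabled")` line is removed as unreachable would make the second hunk self-explanatory. The alternative is to keep the two lines so that the debug log shows it if the flag is ever re-enabled.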
-- 
2.20.1


