[vlc-devel] [PATCH] gnutls: disable False Start
Rémi Denis-Courmont
remi at remlab.net
Thu Feb 21 19:38:42 CET 2019
Le torstaina 21. helmikuuta 2019, 20.10.25 EET Thomas Guillem a écrit :
> Here is how I understand the GnuTLS documentation about thread safety,
> handshake and GNUTLS_ENABLE_FALSE_START:
>
> cf. https://gnutls.org/manual/html_node/Thread-safety.html
> "...care must be taken during key updates and re-handshakes to be handled
> only by a single thread"
As I already mentioned, VLC does not do re-handshakes on client side. " In
case of a client, [re-handshake] message may be simply ignored". And re-
handshakes happen in already established sessions, while False Start occurs at
start. They are not related.
> GNUTLS_ENABLE_FALSE_START causes the handshake to be delayed when receiving
> data.
No. False Start causes the handshake to terminate early (before the session is
securely established):
https://www.gnutls.org/manual/html_node/False-Start.html
Sending is still done from within gnutls_record_send() and receiving from
within gnutls_record_recv(), not affecting the polling and threading semantics.
Otherwise, it would wreck event handling even in single thread mode. It has
indeed been working fine with GnuTLS 3.5.
Contribs needs to be reverted back to a non-broken GnuTLS version, or patched.
--
雷米‧德尼-库尔蒙
http://www.remlab.net/
More information about the vlc-devel
mailing list