From 32178fac7f0d46d9ed7059eeec4708ed3d70c6eb Mon Sep 17 00:00:00 2001 From: Norman Maurer Date: Tue, 18 Aug 2020 19:00:08 +0200 Subject: [PATCH] Enable SSL_MODE_ENABLE_FALSE_START if jdkCompatibilityMode is false (#10407) Motivation: To reduce latency and RTTs we should use TLS False Start when jdkCompatibilityMode is not required and its supported Modifications: Use SSL_MODE_ENABLE_FALSE_START when jdkCompatibilityMode is false Result: Less RTTs and so lower latency when TLS False Start is supported --- .../io/netty/handler/ssl/ReferenceCountedOpenSslEngine.java | 3 ++- pom.xml | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslEngine.java b/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslEngine.java index 03dfb901bc..b4304b37e8 100644 --- a/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslEngine.java +++ b/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslEngine.java @@ -261,7 +261,8 @@ public class ReferenceCountedOpenSslEngine extends SSLEngine implements Referenc } if (!jdkCompatibilityMode) { - SSL.setMode(ssl, SSL.getMode(ssl) | SSL.SSL_MODE_ENABLE_PARTIAL_WRITE); + SSL.setMode(ssl, SSL.getMode(ssl) | SSL.SSL_MODE_ENABLE_PARTIAL_WRITE + | SSL.SSL_MODE_ENABLE_FALSE_START); } int opts = SSL.getOptions(ssl); diff --git a/pom.xml b/pom.xml index 1f3d0a357b..3a99320a06 100644 --- a/pom.xml +++ b/pom.xml @@ -356,7 +356,7 @@ fedora,suse,arch netty-tcnative - 2.0.31.Final + 2.0.33.Final ${os.detected.classifier} org.conscrypt conscrypt-openjdk-uber