ANOTHER NOTE: When running as the server, socket will be destroyed
with an error after `handshakeTimeout` timeout.
+### tlsSocket.setMaxSendFragment(size)
+
+Set maximum TLS fragment size (default and maximum value is: `16384`, minimum
+is: `512`). Returns `true` on success, `false` otherwise.
+
+Smaller fragment size decreases buffering latency on the client: large
+fragments are buffered by the TLS layer until the entire fragment is received
+and its integrity is verified; large fragments can span multiple roundtrips,
+and their processing can be delayed due to packet loss or reordering. However,
+smaller fragments add extra TLS framing bytes and CPU overhead, which may
+decrease overall server throughput.
+
### tlsSocket.address()
Returns the bound address, the address family name and port of the
NODE_SET_PROTOTYPE_METHOD(t, "renegotiate", Renegotiate);
NODE_SET_PROTOTYPE_METHOD(t, "shutdown", Shutdown);
+#ifdef SSL_set_max_send_fragment
+ NODE_SET_PROTOTYPE_METHOD(t, "setMaxSendFragment", SetMaxSendFragment);
+#endif // SSL_set_max_send_fragment
+
#ifdef OPENSSL_NPN_NEGOTIATED
NODE_SET_PROTOTYPE_METHOD(t, "getNegotiatedProtocol", GetNegotiatedProto);
NODE_SET_PROTOTYPE_METHOD(t, "setNPNProtocols", SetNPNProtocols);
}
+#ifdef SSL_set_max_send_fragment
+template <class Base>
+void SSLWrap<Base>::SetMaxSendFragment(
+ const v8::FunctionCallbackInfo<v8::Value>& args) {
+ HandleScope scope(node_isolate);
+ CHECK(args.Length() >= 1 && args[0]->IsNumber());
+
+ Base* w = Unwrap<Base>(args.This());
+
+ int rv = SSL_set_max_send_fragment(w->ssl_, args[0]->Int32Value());
+ args.GetReturnValue().Set(rv);
+}
+#endif // SSL_set_max_send_fragment
+
+
template <class Base>
void SSLWrap<Base>::IsInitFinished(const FunctionCallbackInfo<Value>& args) {
HandleScope scope(node_isolate);
--- /dev/null
+// Copyright Joyent, Inc. and other Node contributors.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a
+// copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to permit
+// persons to whom the Software is furnished to do so, subject to the
+// following conditions:
+//
+// The above copyright notice and this permission notice shall be included
+// in all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
+// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+// USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+if (!process.versions.openssl) {
+ console.error('Skipping because node compiled without OpenSSL.');
+ process.exit(0);
+}
+
+var assert = require('assert');
+var fs = require('fs');
+var net = require('net');
+var tls = require('tls');
+
+var common = require('../common');
+
+var buf = new Buffer(10000);
+var received = 0;
+var ended = 0;
+var maxChunk = 768;
+
+var server = tls.createServer({
+ key: fs.readFileSync(common.fixturesDir + '/keys/agent1-key.pem'),
+ cert: fs.readFileSync(common.fixturesDir + '/keys/agent1-cert.pem')
+}, function(c) {
+ // Lower and upper limits
+ assert(!c.setMaxSendFragment(511));
+ assert(!c.setMaxSendFragment(16385));
+
+ // Correct fragment size
+ assert(c.setMaxSendFragment(maxChunk));
+
+ c.end(buf);
+}).listen(common.PORT, function() {
+ var c = tls.connect(common.PORT, {
+ rejectUnauthorized: false
+ }, function() {
+ c.on('data', function(chunk) {
+ assert(chunk.length <= maxChunk);
+ received += chunk.length;
+ });
+
+ // Ensure that we receive 'end' event anyway
+ c.on('end', function() {
+ ended++;
+ c.destroy();
+ server.close();
+ });
+ });
+});
+
+process.on('exit', function() {
+ assert.equal(ended, 1);
+ assert.equal(received, buf.length);
+});