From: Matt Caswell Date: Tue, 1 May 2018 10:46:58 +0000 (+0100) Subject: Add a note about Nagle's algorithm on the SSL_connect man page X-Git-Tag: OpenSSL_1_1_1-pre7~119 X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=6299c7a4020294582d9424cb8aaf439d2ff0da94;hp=aebd0e5ca12d1ba0b229a4121a54afa5ea2d8aa1 Add a note about Nagle's algorithm on the SSL_connect man page Fixes #4237 Reviewed-by: Rich Salz Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/6143) --- diff --git a/doc/man3/SSL_connect.pod b/doc/man3/SSL_connect.pod index 1f054d6767..5c9eff8582 100644 --- a/doc/man3/SSL_connect.pod +++ b/doc/man3/SSL_connect.pod @@ -35,6 +35,21 @@ nothing is to be done, but select() can be used to check for the required condition. When using a buffering BIO, like a BIO pair, data must be written into or retrieved out of the BIO before being able to continue. +Many systems implement Nagle's algorithm by default which means that it will +buffer outgoing TCP data if a TCP packet has already been sent for which no +corresponding ACK has been received yet from the peer. This can have performance +impacts after a successful TLSv1.3 handshake or a successful TLSv1.2 (or below) +resumption handshake, because the last peer to communicate in the handshake is +the client. If the client is also the first to send application data (as is +typical for many protocols) then this data could be buffered until an ACK has +been received for the final handshake message. + +The B socket option is often available to disable Nagle's +algorithm. If an application opts to disable Nagle's algorithm consideration +should be given to turning it back on again later if appropriate. The helper +function BIO_set_tcp_ndelay() can be used to turn on or off the B +option. + =head1 RETURN VALUES The following return values can occur: