Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

avoid ProtocolToken allocations in TLS handshake #86163

Merged
merged 4 commits into from May 18, 2023
Merged

avoid ProtocolToken allocations in TLS handshake #86163

merged 4 commits into from May 18, 2023

Conversation

wfurt
Copy link
Member

@wfurt wfurt commented May 12, 2023

ProtocolToken are somewhat high for 1000 TLS handshakes:
ProtocolToken

Since that is basically just container for status and buffet it seems unnecessary. There may be further optimizations but for now I turn it into struct and pass ref to it. To pass that across async boundary ReceiveBlobAsync no longer calls crypto e.g. it does only IO and ProcessTlsFrame (former ProcessBlob) is called explicit to process it.

AFAIK this is last low hanging fruit -> closes #68951

@wfurt wfurt added this to the 8.0.0 milestone May 12, 2023
@wfurt wfurt requested a review from a team May 12, 2023 17:58
@wfurt wfurt self-assigned this May 12, 2023
@wfurt wfurt marked this pull request as ready for review May 12, 2023 17:59
@ghost
Copy link

ghost commented May 12, 2023

Tagging subscribers to this area: @dotnet/ncl, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

Issue Details

ProtocolToken are somewhat high for 1000 TLS handshakes:
ProtocolToken

Since that is basically just container for status and buffet it seems unnecessary. There may be further optimizations but for now I turn it into struct and pass ref to it. To pass that across async boundary ReceiveBlobAsync no longer calls crypto e.g. it does only IO and ProcessTlsFrame (former ProcessBlob) is called explicit to process it.

AFAIK this is last low hanging fruit -> closes #68951

Author: wfurt
Assignees: wfurt
Labels:

area-System.Net.Security
Milestone: 8.0.0

MihaZupan
MihaZupan approved these changes May 12, 2023
View reviewed changes
src/libraries/System.Net.Security/src/System/Net/Security/SslStream.Android.cs
@@ -31,13 +31,13 @@ private JavaProxy.RemoteCertificateValidationResult VerifyRemoteCertificate()
};
}

private bool TryGetRemoteCertificateValidationResult(out SslPolicyErrors sslPolicyErrors, out X509ChainStatusFlags chainStatus, out ProtocolToken? alertToken, out bool isValid)
private bool TryGetRemoteCertificateValidationResult(out SslPolicyErrors sslPolicyErrors, out X509ChainStatusFlags chainStatus, ref ProtocolToken alertToken, out bool isValid)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: A bunch of these look like they could remain as out (e.g., NextMessage, ProcessTlsFrame)

rzikm
rzikm approved these changes May 15, 2023
View reviewed changes
Copy link
Member

@rzikm rzikm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

stephentoub
stephentoub approved these changes May 15, 2023
View reviewed changes
Copy link
Member

@stephentoub stephentoub left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Other than the pending comments, LGTM.

@wfurt wfurt merged commit 16fc92f into dotnet:main May 18, 2023
105 checks passed
@wfurt wfurt deleted the token branch May 18, 2023 05:42
@dotnet dotnet locked as resolved and limited conversation to collaborators Jun 17, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@stephentoub stephentoub stephentoub approved these changes

@MihaZupan MihaZupan MihaZupan approved these changes

@rzikm rzikm rzikm approved these changes

Assignees

@wfurt wfurt

Labels
area-System.Net.Security
Projects
None yet
Milestone
8.0.0
Development

Successfully merging this pull request may close these issues.

Reduce unnecessary allocations in TLS handshake (windows)
4 participants
@wfurt @stephentoub @MihaZupan @rzikm