Heil_Me Heil_Me - 2 months ago 13
C++ Question

How to use SSL_CTX_set_split_send_fragment

How can I use SSL_CTX_set_split_send_fragment?
I include and use ssl and crypto linker in my project but when I build my C++ project I face with this error:

error: ‘SSL_CTX_set_split_send_fragment’ was not declared in this scope


My OpenSSL version is 1.0.1e-fips 11 Feb 2013 and gcc version 4.8.5 20150623.

jww jww
Answer
error: ‘SSL_CTX_set_split_send_fragment’ was not declared in this scope

My OpenSSL version is 1.0.1e-fips 11 Feb 2013 and gcc version 4.8.5 20150623.

If you visit OpenSSL's online man pages at OpenSSL Manpages and navigate into the 1.0.1 branch, and then into The SSL library, you will see its not part of OpenSSL 1.0.1. Its not part of OpenSSL 1.0.2, either.

You should try OpenSSL 1.1.0. That will get you past the compile error. Also see the SSL_CTX_set_split_send_fragment man page :).


I don't usually see questions about the underlying transport PDU size, the record layer size or fragmentation size. In fact, most of the mobile platforms I work on ignore the TCP SO_* options related to them. Carriers effectively hard code their values and that's it. There's no sense in trying to work around it or improve upon it.

With that said, you can usually find good tuning and performance discussions when researching "time to first byte". One I am familiar with is Optimizing NGINX TLS Time To First Byte (TTTFB). It starts by increasing the write buffer size:

(void) BIO_set_write_buffer_size(wbio, 16384);

But I'm not sure how useful BIO_set_write_buffer_size (or anything else) will be given you don't have access to the clients or the MS SQL server.

Comments