[stunnel-users] RFC 2487 test in smtp_server not reliable

Hans Werner Strube strube at physik3.gwdg.de
Wed Aug 23 11:43:12 CEST 2006


Michal Trojnara wrote:
> On 2006-08-22, at 10:55, Hans Werner Strube wrote:
> > Instead of waiting, a better method would
> > be to have a finer timeout resolution than 1 sec in 
> > s_poll_wait(...,...);
> > setting the timeout to 1 (sec) would be too embarrassing for TLS
> > connections. But this would require major changes in the sources.
> 
> I'm going to do it the hard way and add another parameter to 
> s_poll_wait() function.
> 
> IMHO the timeout should be between 100ms and 500ms.  What do you think?

I have not tested the minimum required. However, it should be as short
as possible, since for a client using TLS, the full delay will always
occur on starting a connection. It should be documented somewhere how
this new constant could be configured in compilation.



More information about the stunnel-users mailing list