Ticket #4936 (closed enhancement: fixed)

Opened 7 years ago

Last modified 7 years ago

enable SSL for DEFLATE compression

Reported by: robot101 Owned by: robot101
Priority: high Milestone: Update.1
Component: telepathy-other Version:
Keywords: fixed Update.1? Cc: daf, morgs, gdesmott
Action Needed: Verified: no
Deployments affected: Blocked By:
Blocking:

Description

Given we have issues with the roster download taking too long (#4896, although it's a legitimate bug which daf is currently fixing) I spent a bit looking into whether we could enable SSL and negotiate DEFLATE encryption to reduce the bandwidth burden of the XMPP server traffic. I patched Loudmouth to instruct GNUTLS to negotiate DEFLATE if available, and patched Presence Service to enable old SSL (XMPP over SSL on port 5223, because Loudmouth 1.2.x doesn't support STARRTLS) and ignore certificate verification errors.

Results are very promising, on my laptop I tested logging in to jabber.laptop.org and downloading the roster, then signing out, and measured the times and data transferred:

Without compression: 460k downloaded real 0m28.717s user 0m2.556s sys 0m0.204s

With compression: 104k downloaded real 0m19.382s user 0m2.600s sys 0m0.252s

So, for a negligible cost in CPU time we can take the bandwidth usage at sign-on down to 22% of the current, and hence significantly reduce the sign-on time on slow links (such as "media lab 802.11" :D). The 'real' times are a bit inaccurate because I was ending the tests manually, but it's definitely faster.

These patches have also been tested on top of Joyride on an XO too, and work well. The appropriate changes are to Loudmouth, which I've already made an SRPM which Dennis is integrating to Joyride, and to Presence Service which we'll include in the new release.

Attachments

ps-enable-ssl.patch (0.8 kB) - added by robot101 7 years ago.
patch to presence service to use SSL
loudmouth-gnutls-compression.patch (1.3 kB) - added by robot101 7 years ago.
patch to loudmouth to enable compression in GNUTLS

Change History

Changed 7 years ago by robot101

patch to presence service to use SSL

Changed 7 years ago by robot101

patch to loudmouth to enable compression in GNUTLS

Changed 7 years ago by robot101

  • cc daf, morgs added
  • keywords review? added

Changed 7 years ago by robot101

Presence service patch is committed to git, and the loudmouth should be in the next Joyride build.

Changed 7 years ago by daf

  • keywords review? removed

Both patches look good to me. I'll commit the Loudmouth patch to upstream Git. Removing review tag.

Changed 7 years ago by gdesmott

  • cc gdesmott added

Changed 7 years ago by morgs

This should now be in Joyride 277. When this is approved for Update.1 and tagged as such, we can close #2522 and #4896 as they are already approved and in the same PS snapshot (sugar-presence-service.noarch 0:0.65-0.27.20071114git128c59c612).

Changed 7 years ago by robot101

  • keywords fixed added

Approval also required for loudmouth-1.2.3-2.fc7 to be included in Update.1.

Changed 7 years ago by jg

  • owner changed from ApprovalForUpdate to cscott
  • priority changed from normal to high

Approved.

Changed 7 years ago by cscott

  • owner changed from cscott to robot101

Verified in update1-637. robot101, could you verify that update1-637 actually fixes this bug, and close this trac item if it does?

Changed 7 years ago by robot101

  • status changed from new to closed
  • resolution set to fixed

Verified by sjoerd to be present in Joyride 1371:

*** GNUTLS negotiated compression: DEFLATE

Note: See TracTickets for help on using tickets.