Opened 9 years ago

Closed 9 years ago

Last modified 20 months ago

#4936 closed enhancement (fixed)

enable SSL for DEFLATE compression

Reported by: robot101 Owned by: robot101
Priority: high Milestone:
Component: telepathy-other Version:
Keywords: fixed Update.1? Cc: daf, morgs, gdesmott
Blocked By: Blocking:
Deployments affected: Action Needed:
Verified: no


Given we have issues with the roster download taking too long (#4896, although it's a legitimate bug which daf is currently fixing) I spent a bit looking into whether we could enable SSL and negotiate DEFLATE encryption to reduce the bandwidth burden of the XMPP server traffic. I patched Loudmouth to instruct GNUTLS to negotiate DEFLATE if available, and patched Presence Service to enable old SSL (XMPP over SSL on port 5223, because Loudmouth 1.2.x doesn't support STARRTLS) and ignore certificate verification errors.

Results are very promising, on my laptop I tested logging in to and downloading the roster, then signing out, and measured the times and data transferred:

Without compression:
460k downloaded
real 0m28.717s
user 0m2.556s
sys 0m0.204s

With compression:
104k downloaded
real 0m19.382s
user 0m2.600s
sys 0m0.252s

So, for a negligible cost in CPU time we can take the bandwidth usage at sign-on down to 22% of the current, and hence significantly reduce the sign-on time on slow links (such as "media lab 802.11" :D). The 'real' times are a bit inaccurate because I was ending the tests manually, but it's definitely faster.

These patches have also been tested on top of Joyride on an XO too, and work well. The appropriate changes are to Loudmouth, which I've already made an SRPM which Dennis is integrating to Joyride, and to Presence Service which we'll include in the new release.

Attachments (2)

ps-enable-ssl.patch (817 bytes) - added by robot101 9 years ago.
patch to presence service to use SSL
loudmouth-gnutls-compression.patch (1.3 KB) - added by robot101 9 years ago.
patch to loudmouth to enable compression in GNUTLS

Download all attachments as: .zip

Change History (12)

Changed 9 years ago by robot101

patch to presence service to use SSL

Changed 9 years ago by robot101

patch to loudmouth to enable compression in GNUTLS

comment:1 Changed 9 years ago by robot101

  • Cc daf morgs added
  • Keywords review? added

comment:2 Changed 9 years ago by robot101

Presence service patch is committed to git, and the loudmouth should be in the next Joyride build.

comment:3 Changed 9 years ago by daf

  • Keywords review? removed

Both patches look good to me. I'll commit the Loudmouth patch to upstream Git. Removing review tag.

comment:4 Changed 9 years ago by gdesmott

  • Cc gdesmott added

comment:5 Changed 9 years ago by morgs

This should now be in Joyride 277. When this is approved for Update.1 and tagged as such, we can close #2522 and #4896 as they are already approved and in the same PS snapshot (sugar-presence-service.noarch 0:0.65-0.27.20071114git128c59c612).

comment:6 Changed 9 years ago by robot101

  • Keywords fixed added

Approval also required for loudmouth-1.2.3-2.fc7 to be included in Update.1.

comment:7 Changed 9 years ago by jg

  • Owner changed from ApprovalForUpdate to cscott
  • Priority changed from normal to high


comment:8 Changed 9 years ago by cscott

  • Owner changed from cscott to robot101

Verified in update1-637. robot101, could you verify that update1-637 actually fixes this bug, and close this trac item if it does?

comment:9 Changed 9 years ago by robot101

  • Resolution set to fixed
  • Status changed from new to closed

Verified by sjoerd to be present in Joyride 1371:

* GNUTLS negotiated compression: DEFLATE

comment:10 Changed 20 months ago by Quozl

  • Milestone Update.1 deleted

Milestone Update.1 deleted

Note: See TracTickets for help on using tickets.