From 31a1bed9105c224d9e1da1e17f019428a864ec44 Mon Sep 17 00:00:00 2001
From: xiehan <52160700+Barenboim@users.noreply.github.com>
Date: Tue, 15 Jul 2025 21:25:13 +0800
Subject: [PATCH] Set TCP_NODELAY for TCP SSL connections. (#1753)
---
 src/manager/RouteManager.cc | 54 ++++++++++++++++++++++++++++---------
 src/server/WFServer.cc | 14 ++++++++++
 2 files changed, 56 insertions(+), 12 deletions(-)
diff --git a/src/manager/RouteManager.cc b/src/manager/RouteManager.cc
index d14640c8..081e350f 100644
--- a/src/manager/RouteManager.cc
+++ b/src/manager/RouteManager.cc
@@ -18,6 +18,8 @@
 #include
 #include
+#include
+#include
 #include
 #include
 #include
@@ -76,8 +78,30 @@ private:
 #endif
 };
+class RouteTargetTCP_SSL : public RouteTargetTCP
+{
+private:
+ virtual int create_connect_fd()
+ {
+ const struct sockaddr *addr;
+ socklen_t addrlen;
+ int sockfd;
+
+ this->get_addr(&addr, &addrlen);
+ sockfd = socket(addr->sa_family, SOCK_STREAM, 0);
+ if (sockfd >= 0)
+ {
+ int nodelay = 1;
+ setsockopt(sockfd, IPPROTO_TCP, TCP_NODELAY,
+ &nodelay, sizeof (int));
+ }
+
+ return sockfd;
+ }
+};
+
 /* To support TLS SNI. */
-class RouteTargetTCPSNI : public RouteTargetTCP
+class RouteTargetTCP_TLS_SNI : public RouteTargetTCP_SSL
 {
 private:
 virtual int init_ssl(SSL *ssl)
@@ -92,12 +116,14 @@ private:
 std::string hostname;
 public:
- RouteTargetTCPSNI(const std::string& name) : hostname(name)
+ RouteTargetTCP_TLS_SNI(const std::string& name) : hostname(name)
 {
 }
 };
-class RouteTargetSCTPSNI : public RouteTargetSCTP
+using RouteTargetSCTP_SSL = RouteTargetSCTP;
+
+class RouteTargetSCTP_TLS_SNI : public RouteTargetSCTP_SSL
 {
 private:
 virtual int init_ssl(SSL *ssl)
@@ -112,7 +138,7 @@ private:
 std::string hostname;
 public:
- RouteTargetSCTPSNI(const std::string& name) : hostname(name)
+ RouteTargetSCTP_TLS_SNI(const std::string& name) : hostname(name)
 {
 }
 };
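Review bot: The new `RouteTargetTCP_SSL` class in the `@@ -76,8 +78,30 @@` hunk carries no comment saying why it exists, unlike `RouteTargetTCP_TLS_SNI` directly below it, and `create_connect_fd()` discards the result of `setsockopt()` without saying that this is deliberate. A header such as `/* TCP target for TLS: the connect socket gets TCP_NODELAY; a failure to set it is ignored and the fd is still returned. */` would record both facts for the next reader. If the option is meant to be best-effort, that comment is enough; if not, the call needs a checked return instead. `sizeof nodelay` in place of `sizeof (int)` would also keep the length tied to the variable.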
@@ -186,22 +212,26 @@ RouteResultEntry::create_target(const struct RouteParams *params,
 switch (params->transport_type)
 {
- case TT_TCP_SSL:
- if (params->use_tls_sni)
- target = new RouteTargetTCPSNI(params->hostname);
- else
 case TT_TCP:
- target = new RouteTargetTCP();
+ target = new RouteTargetTCP();
 break;
 case TT_UDP:
 target = new RouteTargetUDP();
 break;
+ case TT_SCTP:
+ target = new RouteTargetSCTP();
+ break;
+ case TT_TCP_SSL:
+ if (params->use_tls_sni)
+ target = new RouteTargetTCP_TLS_SNI(params->hostname);
+ else
+ target = new RouteTargetTCP_SSL;
+ break;
 case TT_SCTP_SSL:
 if (params->use_tls_sni)
- target = new RouteTargetSCTPSNI(params->hostname);
+ target = new RouteTargetSCTP_TLS_SNI(params->hostname);
 else
- case TT_SCTP:
- target = new RouteTargetSCTP();
+ target = new RouteTargetSCTP_SSL;
 break;
 default:
 errno = EINVAL;
diff --git a/src/server/WFServer.cc b/src/server/WFServer.cc
index 7dd6724c..7c275388 100644
--- a/src/server/WFServer.cc
+++ b/src/server/WFServer.cc
@@ -19,6 +19,8 @@
 #include
 #include
+#include
+#include
 #include
 #include
 #include
@@ -181,6 +183,18 @@ WFConnection *WFServerBase::new_connection(int accept_fd)
 int reuse = 1;
 setsockopt(accept_fd, SOL_SOCKET, SO_REUSEADDR,
 &reuse, sizeof (int));
+
+ if (this->get_ssl_ctx())
+ {
+ if (this->params.transport_type == TT_TCP ||
+ this->params.transport_type == TT_TCP_SSL)
+ {
+ int nodelay = 1;
+ setsockopt(accept_fd, IPPROTO_TCP, TCP_NODELAY,
+ &nodelay, sizeof (int));
+ }
+ }
+
 return new WFServerConnection(&this->conn_count);
 }
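Review bot: The two new `else` branches in the `create_target` switch allocate with `new RouteTargetTCP_SSL;` and `new RouteTargetSCTP_SSL;`, while every other case writes the parenthesised form, as in `new RouteTargetTCP();`. Without parentheses the object is default-initialized rather than value-initialized, which only changes anything if these classes have no user-provided constructor (not visible in this hunk), but the mixed spelling makes a reader stop and check. Writing `target = new RouteTargetTCP_SSL();` and `target = new RouteTargetSCTP_SSL();` keeps the switch uniform. `create_target` begins and ends outside the hunk.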
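Review bot: In `WFServerBase::new_connection`, the inner test accepts `TT_TCP` as well as `TT_TCP_SSL`, so a listener with a plain-TCP transport type gets TCP_NODELAY whenever `get_ssl_ctx()` is non-null, and nothing in the hunk says which configuration produces that combination. A one-line comment above the outer `if` naming that case would make the condition checkable against the commit's stated scope of TCP SSL connections. The two nested `if`s could also be one condition, `if (this->get_ssl_ctx() && (this->params.transport_type == TT_TCP || this->params.transport_type == TT_TCP_SSL))`. As with the `SO_REUSEADDR` call above it, the `setsockopt()` result is dropped; if that is intentional best-effort, the same comment can say so. The function starts outside the hunk.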