WIP: Replace GnuTLS by BoringSSL
This is an attempt to replace GnuTLS by BoringSSL in the knot-resolver daemon for DNS-over-TLS. The goal is mainly to find out which performs better. As there is not always a 1-to-1 mapping between functions and datatypes in GnuTLS and BoringSSL, here is a list of the most significant changes:
- BoringSSL has 48-byte session tickets instead of 64-byte ones. It also doesn't have SHA3. This is replaced by SHA-384.
- BoringSSL uses the BIO (buffered I/O) data structure for reading and writing, instead of specifying callbacks.
- GnuTLS writes the Server Hello, Certificate, Server Key Exchange and Server Hello Done in separate TCP packets during the TLS handshake. BoringSSL combines them in a single packet, reducing some overhead.
- There's not really an equivalent of the gnutls_certificate_credentials_t type, so that is replaced by a private key object and a certificate chain object.
- BoringSSL distinguishes between a global SSL_CTX context and a unique-per-session SSL structure that is based on the global context. I made the network the owner of the global context. Many settings (e.g., setting the certificate root trust store) can be done both on the global level and per session. I now divided it in such a way as to have minimal changes to the current code.
- I added a simple benchmark script.
The code passes the tests that are currently there and I was able to complete DNS-over-TLS queries with these changes, but some parts (e.g., client functionality, session resumption) are not very thoroughly tested yet.
I would be interested in your feedback. :)
Also, the build is broken because I can't manage to add Go (a dependency for BoringSSL) to the Docker images.