doh: use tls session cache

In our experiments with rethinkdns, employing a session cache reduces data consumed by DoH by 3x (500mb/mo down to 180mb/mo) and latency by upto 4x.
Jigsaw-Code · Oct 16, 2024 · 47668c3 · 47668c3
1 parent 27637e0
commit 47668c3
Showing 1 changed file with 5 additions and 5 deletions.
diff --git a/Android/app/src/go/doh/doh.go b/Android/app/src/go/doh/doh.go
@@ -204,13 +204,13 @@ func NewResolver(rawurl string, addrs []string, dialer *net.Dialer, auth ClientA
 		return nil, fmt.Errorf("No IP addresses for %s", t.hostname)
 	}
 
-	// Supply a client certificate during TLS handshakes.
-	var tlsconfig *tls.Config
+	// Use session cache to minimize repeat TLS handshake overhead.
+	tlsconfig := &tls.Config{
+		ClientSessionCache: tls.NewLRUClientSessionCache(64),
+	}
 	if auth != nil {
 		signer := newClientAuthWrapper(auth)
-		tlsconfig = &tls.Config{
-			GetClientCertificate: signer.GetClientCertificate,
-		}
+		tlsconfig.GetClientCertificate = signer.GetClientCertificate
 	}
 
 	// Override the dial function.