From 47668c399af1fbea256ebad32df46ee78bbe3ac2 Mon Sep 17 00:00:00 2001
From: ignoramous <ignoramous@users.noreply.github.com>
Date: Thu, 17 Oct 2024 02:01:45 +0530
Subject: [PATCH] doh: use tls session cache

In our experiments with rethinkdns, employing
a session cache reduces data consumed by
DoH by 3x (500mb/mo down to 180mb/mo)
and latency by upto 4x.
---
 Android/app/src/go/doh/doh.go | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/Android/app/src/go/doh/doh.go b/Android/app/src/go/doh/doh.go
index 82e2f69a..fae8947b 100644
--- a/Android/app/src/go/doh/doh.go
+++ b/Android/app/src/go/doh/doh.go
@@ -204,13 +204,13 @@ func NewResolver(rawurl string, addrs []string, dialer *net.Dialer, auth ClientA
 		return nil, fmt.Errorf("No IP addresses for %s", t.hostname)
 	}
 
-	// Supply a client certificate during TLS handshakes.
-	var tlsconfig *tls.Config
+	// Use session cache to minimize repeat TLS handshake overhead.
+	tlsconfig := &tls.Config{
+		ClientSessionCache: tls.NewLRUClientSessionCache(64),
+	}
 	if auth != nil {
 		signer := newClientAuthWrapper(auth)
-		tlsconfig = &tls.Config{
-			GetClientCertificate: signer.GetClientCertificate,
-		}
+		tlsconfig.GetClientCertificate = signer.GetClientCertificate
 	}
 
 	// Override the dial function.