version 1.37, 2023/03/05 13:12:53 |
version 1.38, 2023/03/06 14:32:06 |
|
|
int verify; |
int verify; |
int verify_depth; |
int verify_depth; |
char *www_path; |
char *www_path; |
} s_time_config; |
} cfg; |
|
|
static const struct option s_time_options[] = { |
static const struct option s_time_options[] = { |
{ |
{ |
.name = "bugs", |
.name = "bugs", |
.desc = "Enable workarounds for known SSL/TLS bugs", |
.desc = "Enable workarounds for known SSL/TLS bugs", |
.type = OPTION_FLAG, |
.type = OPTION_FLAG, |
.opt.flag = &s_time_config.bugs, |
.opt.flag = &cfg.bugs, |
}, |
}, |
{ |
{ |
.name = "CAfile", |
.name = "CAfile", |
.argname = "file", |
.argname = "file", |
.desc = "File containing trusted certificates in PEM format", |
.desc = "File containing trusted certificates in PEM format", |
.type = OPTION_ARG, |
.type = OPTION_ARG, |
.opt.arg = &s_time_config.CAfile, |
.opt.arg = &cfg.CAfile, |
}, |
}, |
{ |
{ |
.name = "CApath", |
.name = "CApath", |
.argname = "path", |
.argname = "path", |
.desc = "Directory containing trusted certificates", |
.desc = "Directory containing trusted certificates", |
.type = OPTION_ARG, |
.type = OPTION_ARG, |
.opt.arg = &s_time_config.CApath, |
.opt.arg = &cfg.CApath, |
}, |
}, |
{ |
{ |
.name = "cert", |
.name = "cert", |
.argname = "file", |
.argname = "file", |
.desc = "Client certificate to use, if one is requested", |
.desc = "Client certificate to use, if one is requested", |
.type = OPTION_ARG, |
.type = OPTION_ARG, |
.opt.arg = &s_time_config.certfile, |
.opt.arg = &cfg.certfile, |
}, |
}, |
{ |
{ |
.name = "cipher", |
.name = "cipher", |
.argname = "list", |
.argname = "list", |
.desc = "List of cipher suites to send to the server", |
.desc = "List of cipher suites to send to the server", |
.type = OPTION_ARG, |
.type = OPTION_ARG, |
.opt.arg = &s_time_config.cipher, |
.opt.arg = &cfg.cipher, |
}, |
}, |
{ |
{ |
.name = "connect", |
.name = "connect", |
|
|
.desc = "Host and port to connect to (default " |
.desc = "Host and port to connect to (default " |
SSL_CONNECT_NAME ")", |
SSL_CONNECT_NAME ")", |
.type = OPTION_ARG, |
.type = OPTION_ARG, |
.opt.arg = &s_time_config.host, |
.opt.arg = &cfg.host, |
}, |
}, |
{ |
{ |
.name = "key", |
.name = "key", |
.argname = "file", |
.argname = "file", |
.desc = "Client private key to use, if one is required", |
.desc = "Client private key to use, if one is required", |
.type = OPTION_ARG, |
.type = OPTION_ARG, |
.opt.arg = &s_time_config.keyfile, |
.opt.arg = &cfg.keyfile, |
}, |
}, |
{ |
{ |
.name = "nbio", |
.name = "nbio", |
.desc = "Use non-blocking I/O", |
.desc = "Use non-blocking I/O", |
.type = OPTION_FLAG, |
.type = OPTION_FLAG, |
.opt.flag = &s_time_config.nbio, |
.opt.flag = &cfg.nbio, |
}, |
}, |
{ |
{ |
.name = "new", |
.name = "new", |
.desc = "Use a new session ID for each connection", |
.desc = "Use a new session ID for each connection", |
.type = OPTION_VALUE, |
.type = OPTION_VALUE, |
.opt.value = &s_time_config.perform, |
.opt.value = &cfg.perform, |
.value = 1, |
.value = 1, |
}, |
}, |
{ |
{ |
.name = "no_shutdown", |
.name = "no_shutdown", |
.desc = "Shut down the connection without notifying the server", |
.desc = "Shut down the connection without notifying the server", |
.type = OPTION_FLAG, |
.type = OPTION_FLAG, |
.opt.flag = &s_time_config.no_shutdown, |
.opt.flag = &cfg.no_shutdown, |
}, |
}, |
{ |
{ |
.name = "reuse", |
.name = "reuse", |
.desc = "Reuse the same session ID for each connection", |
.desc = "Reuse the same session ID for each connection", |
.type = OPTION_VALUE, |
.type = OPTION_VALUE, |
.opt.value = &s_time_config.perform, |
.opt.value = &cfg.perform, |
.value = 2, |
.value = 2, |
}, |
}, |
{ |
{ |
|
|
.argname = "seconds", |
.argname = "seconds", |
.desc = "Duration to perform timing tests for (default 30)", |
.desc = "Duration to perform timing tests for (default 30)", |
.type = OPTION_ARG_TIME, |
.type = OPTION_ARG_TIME, |
.opt.tvalue = &s_time_config.maxtime, |
.opt.tvalue = &cfg.maxtime, |
}, |
}, |
{ |
{ |
.name = "verify", |
.name = "verify", |
.argname = "depth", |
.argname = "depth", |
.desc = "Enable peer certificate verification with given depth", |
.desc = "Enable peer certificate verification with given depth", |
.type = OPTION_ARG_INT, |
.type = OPTION_ARG_INT, |
.opt.value = &s_time_config.verify_depth, |
.opt.value = &cfg.verify_depth, |
}, |
}, |
{ |
{ |
.name = "www", |
.name = "www", |
.argname = "page", |
.argname = "page", |
.desc = "Page to GET from the server (default none)", |
.desc = "Page to GET from the server (default none)", |
.type = OPTION_ARG, |
.type = OPTION_ARG, |
.opt.arg = &s_time_config.www_path, |
.opt.arg = &cfg.www_path, |
}, |
}, |
{ NULL }, |
{ NULL }, |
}; |
}; |
|
|
|
|
verify_depth = 0; |
verify_depth = 0; |
|
|
memset(&s_time_config, 0, sizeof(s_time_config)); |
memset(&cfg, 0, sizeof(cfg)); |
|
|
s_time_config.host = SSL_CONNECT_NAME; |
cfg.host = SSL_CONNECT_NAME; |
s_time_config.maxtime = SECONDS; |
cfg.maxtime = SECONDS; |
s_time_config.perform = 3; |
cfg.perform = 3; |
s_time_config.verify = SSL_VERIFY_NONE; |
cfg.verify = SSL_VERIFY_NONE; |
s_time_config.verify_depth = -1; |
cfg.verify_depth = -1; |
|
|
if (options_parse(argc, argv, s_time_options, NULL, NULL) != 0) { |
if (options_parse(argc, argv, s_time_options, NULL, NULL) != 0) { |
s_time_usage(); |
s_time_usage(); |
goto end; |
goto end; |
} |
} |
|
|
if (s_time_config.verify_depth >= 0) { |
if (cfg.verify_depth >= 0) { |
s_time_config.verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE; |
cfg.verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE; |
verify_depth = s_time_config.verify_depth; |
verify_depth = cfg.verify_depth; |
BIO_printf(bio_err, "verify depth is %d\n", verify_depth); |
BIO_printf(bio_err, "verify depth is %d\n", verify_depth); |
} |
} |
|
|
if (s_time_config.www_path != NULL && |
if (cfg.www_path != NULL && |
strlen(s_time_config.www_path) > MYBUFSIZ - 100) { |
strlen(cfg.www_path) > MYBUFSIZ - 100) { |
BIO_printf(bio_err, "-www option too long\n"); |
BIO_printf(bio_err, "-www option too long\n"); |
goto end; |
goto end; |
} |
} |
|
|
|
|
SSL_CTX_set_quiet_shutdown(tm_ctx, 1); |
SSL_CTX_set_quiet_shutdown(tm_ctx, 1); |
|
|
if (s_time_config.bugs) |
if (cfg.bugs) |
SSL_CTX_set_options(tm_ctx, SSL_OP_ALL); |
SSL_CTX_set_options(tm_ctx, SSL_OP_ALL); |
|
|
if (s_time_config.cipher != NULL) { |
if (cfg.cipher != NULL) { |
if (!SSL_CTX_set_cipher_list(tm_ctx, s_time_config.cipher)) { |
if (!SSL_CTX_set_cipher_list(tm_ctx, cfg.cipher)) { |
BIO_printf(bio_err, "error setting cipher list\n"); |
BIO_printf(bio_err, "error setting cipher list\n"); |
ERR_print_errors(bio_err); |
ERR_print_errors(bio_err); |
goto end; |
goto end; |
} |
} |
} |
} |
|
|
SSL_CTX_set_verify(tm_ctx, s_time_config.verify, NULL); |
SSL_CTX_set_verify(tm_ctx, cfg.verify, NULL); |
|
|
if (!set_cert_stuff(tm_ctx, s_time_config.certfile, |
if (!set_cert_stuff(tm_ctx, cfg.certfile, |
s_time_config.keyfile)) |
cfg.keyfile)) |
goto end; |
goto end; |
|
|
if ((!SSL_CTX_load_verify_locations(tm_ctx, s_time_config.CAfile, |
if ((!SSL_CTX_load_verify_locations(tm_ctx, cfg.CAfile, |
s_time_config.CApath)) || |
cfg.CApath)) || |
(!SSL_CTX_set_default_verify_paths(tm_ctx))) { |
(!SSL_CTX_set_default_verify_paths(tm_ctx))) { |
/* |
/* |
* BIO_printf(bio_err,"error setting default verify |
* BIO_printf(bio_err,"error setting default verify |
|
|
} |
} |
|
|
/* Loop and time how long it takes to make connections */ |
/* Loop and time how long it takes to make connections */ |
if (s_time_config.perform & 1) { |
if (cfg.perform & 1) { |
printf("Collecting connection statistics for %lld seconds\n", |
printf("Collecting connection statistics for %lld seconds\n", |
(long long)s_time_config.maxtime); |
(long long)cfg.maxtime); |
if (benchmark(0)) |
if (benchmark(0)) |
goto end; |
goto end; |
} |
} |
|
|
* Now loop and time connections using the same session id over and |
* Now loop and time connections using the same session id over and |
* over |
* over |
*/ |
*/ |
if (s_time_config.perform & 2) { |
if (cfg.perform & 2) { |
printf("\n\nNow timing with session id reuse.\n"); |
printf("\n\nNow timing with session id reuse.\n"); |
if (benchmark(1)) |
if (benchmark(1)) |
goto end; |
goto end; |
|
|
|
|
if ((conn = BIO_new(BIO_s_connect())) == NULL) |
if ((conn = BIO_new(BIO_s_connect())) == NULL) |
return 0; |
return 0; |
BIO_set_conn_hostname(conn, s_time_config.host); |
BIO_set_conn_hostname(conn, cfg.host); |
SSL_set_connect_state(scon); |
SSL_set_connect_state(scon); |
SSL_set_bio(scon, conn, conn); |
SSL_set_bio(scon, conn, conn); |
for (;;) { |
for (;;) { |
|
|
ERR_print_errors(bio_err); |
ERR_print_errors(bio_err); |
return 0; |
return 0; |
} |
} |
if (s_time_config.www_path != NULL) { |
if (cfg.www_path != NULL) { |
retval = snprintf(buf, sizeof buf, |
retval = snprintf(buf, sizeof buf, |
"GET %s HTTP/1.0\r\n\r\n", s_time_config.www_path); |
"GET %s HTTP/1.0\r\n\r\n", cfg.www_path); |
if (retval < 0 || retval >= sizeof buf) { |
if (retval < 0 || retval >= sizeof buf) { |
fprintf(stderr, "URL too long\n"); |
fprintf(stderr, "URL too long\n"); |
return 0; |
return 0; |
|
|
while ((i = SSL_read(scon, buf, sizeof(buf))) > 0) |
while ((i = SSL_read(scon, buf, sizeof(buf))) > 0) |
bytes_read += i; |
bytes_read += i; |
} |
} |
if (s_time_config.no_shutdown) |
if (cfg.no_shutdown) |
SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | |
SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | |
SSL_RECEIVED_SHUTDOWN); |
SSL_RECEIVED_SHUTDOWN); |
else |
else |
|
|
app_timer_user(TM_RESET); |
app_timer_user(TM_RESET); |
for (;;) { |
for (;;) { |
elapsed = app_timer_real(TM_GET); |
elapsed = app_timer_real(TM_GET); |
if (elapsed > s_time_config.maxtime) |
if (elapsed > cfg.maxtime) |
break; |
break; |
if (scon == NULL) { |
if (scon == NULL) { |
if ((scon = SSL_new(tm_ctx)) == NULL) |
if ((scon = SSL_new(tm_ctx)) == NULL) |