| version 1.37, 2023/03/05 13:12:53 |
version 1.38, 2023/03/06 14:32:06 |
|
|
| int verify; |
int verify; |
| int verify_depth; |
int verify_depth; |
| char *www_path; |
char *www_path; |
| } s_time_config; |
} cfg; |
| |
|
| static const struct option s_time_options[] = { |
static const struct option s_time_options[] = { |
| { |
{ |
| .name = "bugs", |
.name = "bugs", |
| .desc = "Enable workarounds for known SSL/TLS bugs", |
.desc = "Enable workarounds for known SSL/TLS bugs", |
| .type = OPTION_FLAG, |
.type = OPTION_FLAG, |
| .opt.flag = &s_time_config.bugs, |
.opt.flag = &cfg.bugs, |
| }, |
}, |
| { |
{ |
| .name = "CAfile", |
.name = "CAfile", |
| .argname = "file", |
.argname = "file", |
| .desc = "File containing trusted certificates in PEM format", |
.desc = "File containing trusted certificates in PEM format", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &s_time_config.CAfile, |
.opt.arg = &cfg.CAfile, |
| }, |
}, |
| { |
{ |
| .name = "CApath", |
.name = "CApath", |
| .argname = "path", |
.argname = "path", |
| .desc = "Directory containing trusted certificates", |
.desc = "Directory containing trusted certificates", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &s_time_config.CApath, |
.opt.arg = &cfg.CApath, |
| }, |
}, |
| { |
{ |
| .name = "cert", |
.name = "cert", |
| .argname = "file", |
.argname = "file", |
| .desc = "Client certificate to use, if one is requested", |
.desc = "Client certificate to use, if one is requested", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &s_time_config.certfile, |
.opt.arg = &cfg.certfile, |
| }, |
}, |
| { |
{ |
| .name = "cipher", |
.name = "cipher", |
| .argname = "list", |
.argname = "list", |
| .desc = "List of cipher suites to send to the server", |
.desc = "List of cipher suites to send to the server", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &s_time_config.cipher, |
.opt.arg = &cfg.cipher, |
| }, |
}, |
| { |
{ |
| .name = "connect", |
.name = "connect", |
|
|
| .desc = "Host and port to connect to (default " |
.desc = "Host and port to connect to (default " |
| SSL_CONNECT_NAME ")", |
SSL_CONNECT_NAME ")", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &s_time_config.host, |
.opt.arg = &cfg.host, |
| }, |
}, |
| { |
{ |
| .name = "key", |
.name = "key", |
| .argname = "file", |
.argname = "file", |
| .desc = "Client private key to use, if one is required", |
.desc = "Client private key to use, if one is required", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &s_time_config.keyfile, |
.opt.arg = &cfg.keyfile, |
| }, |
}, |
| { |
{ |
| .name = "nbio", |
.name = "nbio", |
| .desc = "Use non-blocking I/O", |
.desc = "Use non-blocking I/O", |
| .type = OPTION_FLAG, |
.type = OPTION_FLAG, |
| .opt.flag = &s_time_config.nbio, |
.opt.flag = &cfg.nbio, |
| }, |
}, |
| { |
{ |
| .name = "new", |
.name = "new", |
| .desc = "Use a new session ID for each connection", |
.desc = "Use a new session ID for each connection", |
| .type = OPTION_VALUE, |
.type = OPTION_VALUE, |
| .opt.value = &s_time_config.perform, |
.opt.value = &cfg.perform, |
| .value = 1, |
.value = 1, |
| }, |
}, |
| { |
{ |
| .name = "no_shutdown", |
.name = "no_shutdown", |
| .desc = "Shut down the connection without notifying the server", |
.desc = "Shut down the connection without notifying the server", |
| .type = OPTION_FLAG, |
.type = OPTION_FLAG, |
| .opt.flag = &s_time_config.no_shutdown, |
.opt.flag = &cfg.no_shutdown, |
| }, |
}, |
| { |
{ |
| .name = "reuse", |
.name = "reuse", |
| .desc = "Reuse the same session ID for each connection", |
.desc = "Reuse the same session ID for each connection", |
| .type = OPTION_VALUE, |
.type = OPTION_VALUE, |
| .opt.value = &s_time_config.perform, |
.opt.value = &cfg.perform, |
| .value = 2, |
.value = 2, |
| }, |
}, |
| { |
{ |
|
|
| .argname = "seconds", |
.argname = "seconds", |
| .desc = "Duration to perform timing tests for (default 30)", |
.desc = "Duration to perform timing tests for (default 30)", |
| .type = OPTION_ARG_TIME, |
.type = OPTION_ARG_TIME, |
| .opt.tvalue = &s_time_config.maxtime, |
.opt.tvalue = &cfg.maxtime, |
| }, |
}, |
| { |
{ |
| .name = "verify", |
.name = "verify", |
| .argname = "depth", |
.argname = "depth", |
| .desc = "Enable peer certificate verification with given depth", |
.desc = "Enable peer certificate verification with given depth", |
| .type = OPTION_ARG_INT, |
.type = OPTION_ARG_INT, |
| .opt.value = &s_time_config.verify_depth, |
.opt.value = &cfg.verify_depth, |
| }, |
}, |
| { |
{ |
| .name = "www", |
.name = "www", |
| .argname = "page", |
.argname = "page", |
| .desc = "Page to GET from the server (default none)", |
.desc = "Page to GET from the server (default none)", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &s_time_config.www_path, |
.opt.arg = &cfg.www_path, |
| }, |
}, |
| { NULL }, |
{ NULL }, |
| }; |
}; |
|
|
| |
|
| verify_depth = 0; |
verify_depth = 0; |
| |
|
| memset(&s_time_config, 0, sizeof(s_time_config)); |
memset(&cfg, 0, sizeof(cfg)); |
| |
|
| s_time_config.host = SSL_CONNECT_NAME; |
cfg.host = SSL_CONNECT_NAME; |
| s_time_config.maxtime = SECONDS; |
cfg.maxtime = SECONDS; |
| s_time_config.perform = 3; |
cfg.perform = 3; |
| s_time_config.verify = SSL_VERIFY_NONE; |
cfg.verify = SSL_VERIFY_NONE; |
| s_time_config.verify_depth = -1; |
cfg.verify_depth = -1; |
| |
|
| if (options_parse(argc, argv, s_time_options, NULL, NULL) != 0) { |
if (options_parse(argc, argv, s_time_options, NULL, NULL) != 0) { |
| s_time_usage(); |
s_time_usage(); |
| goto end; |
goto end; |
| } |
} |
| |
|
| if (s_time_config.verify_depth >= 0) { |
if (cfg.verify_depth >= 0) { |
| s_time_config.verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE; |
cfg.verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE; |
| verify_depth = s_time_config.verify_depth; |
verify_depth = cfg.verify_depth; |
| BIO_printf(bio_err, "verify depth is %d\n", verify_depth); |
BIO_printf(bio_err, "verify depth is %d\n", verify_depth); |
| } |
} |
| |
|
| if (s_time_config.www_path != NULL && |
if (cfg.www_path != NULL && |
| strlen(s_time_config.www_path) > MYBUFSIZ - 100) { |
strlen(cfg.www_path) > MYBUFSIZ - 100) { |
| BIO_printf(bio_err, "-www option too long\n"); |
BIO_printf(bio_err, "-www option too long\n"); |
| goto end; |
goto end; |
| } |
} |
|
|
| |
|
| SSL_CTX_set_quiet_shutdown(tm_ctx, 1); |
SSL_CTX_set_quiet_shutdown(tm_ctx, 1); |
| |
|
| if (s_time_config.bugs) |
if (cfg.bugs) |
| SSL_CTX_set_options(tm_ctx, SSL_OP_ALL); |
SSL_CTX_set_options(tm_ctx, SSL_OP_ALL); |
| |
|
| if (s_time_config.cipher != NULL) { |
if (cfg.cipher != NULL) { |
| if (!SSL_CTX_set_cipher_list(tm_ctx, s_time_config.cipher)) { |
if (!SSL_CTX_set_cipher_list(tm_ctx, cfg.cipher)) { |
| BIO_printf(bio_err, "error setting cipher list\n"); |
BIO_printf(bio_err, "error setting cipher list\n"); |
| ERR_print_errors(bio_err); |
ERR_print_errors(bio_err); |
| goto end; |
goto end; |
| } |
} |
| } |
} |
| |
|
| SSL_CTX_set_verify(tm_ctx, s_time_config.verify, NULL); |
SSL_CTX_set_verify(tm_ctx, cfg.verify, NULL); |
| |
|
| if (!set_cert_stuff(tm_ctx, s_time_config.certfile, |
if (!set_cert_stuff(tm_ctx, cfg.certfile, |
| s_time_config.keyfile)) |
cfg.keyfile)) |
| goto end; |
goto end; |
| |
|
| if ((!SSL_CTX_load_verify_locations(tm_ctx, s_time_config.CAfile, |
if ((!SSL_CTX_load_verify_locations(tm_ctx, cfg.CAfile, |
| s_time_config.CApath)) || |
cfg.CApath)) || |
| (!SSL_CTX_set_default_verify_paths(tm_ctx))) { |
(!SSL_CTX_set_default_verify_paths(tm_ctx))) { |
| /* |
/* |
| * BIO_printf(bio_err,"error setting default verify |
* BIO_printf(bio_err,"error setting default verify |
|
|
| } |
} |
| |
|
| /* Loop and time how long it takes to make connections */ |
/* Loop and time how long it takes to make connections */ |
| if (s_time_config.perform & 1) { |
if (cfg.perform & 1) { |
| printf("Collecting connection statistics for %lld seconds\n", |
printf("Collecting connection statistics for %lld seconds\n", |
| (long long)s_time_config.maxtime); |
(long long)cfg.maxtime); |
| if (benchmark(0)) |
if (benchmark(0)) |
| goto end; |
goto end; |
| } |
} |
|
|
| * Now loop and time connections using the same session id over and |
* Now loop and time connections using the same session id over and |
| * over |
* over |
| */ |
*/ |
| if (s_time_config.perform & 2) { |
if (cfg.perform & 2) { |
| printf("\n\nNow timing with session id reuse.\n"); |
printf("\n\nNow timing with session id reuse.\n"); |
| if (benchmark(1)) |
if (benchmark(1)) |
| goto end; |
goto end; |
|
|
| |
|
| if ((conn = BIO_new(BIO_s_connect())) == NULL) |
if ((conn = BIO_new(BIO_s_connect())) == NULL) |
| return 0; |
return 0; |
| BIO_set_conn_hostname(conn, s_time_config.host); |
BIO_set_conn_hostname(conn, cfg.host); |
| SSL_set_connect_state(scon); |
SSL_set_connect_state(scon); |
| SSL_set_bio(scon, conn, conn); |
SSL_set_bio(scon, conn, conn); |
| for (;;) { |
for (;;) { |
|
|
| ERR_print_errors(bio_err); |
ERR_print_errors(bio_err); |
| return 0; |
return 0; |
| } |
} |
| if (s_time_config.www_path != NULL) { |
if (cfg.www_path != NULL) { |
| retval = snprintf(buf, sizeof buf, |
retval = snprintf(buf, sizeof buf, |
| "GET %s HTTP/1.0\r\n\r\n", s_time_config.www_path); |
"GET %s HTTP/1.0\r\n\r\n", cfg.www_path); |
| if (retval < 0 || retval >= sizeof buf) { |
if (retval < 0 || retval >= sizeof buf) { |
| fprintf(stderr, "URL too long\n"); |
fprintf(stderr, "URL too long\n"); |
| return 0; |
return 0; |
|
|
| while ((i = SSL_read(scon, buf, sizeof(buf))) > 0) |
while ((i = SSL_read(scon, buf, sizeof(buf))) > 0) |
| bytes_read += i; |
bytes_read += i; |
| } |
} |
| if (s_time_config.no_shutdown) |
if (cfg.no_shutdown) |
| SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | |
SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | |
| SSL_RECEIVED_SHUTDOWN); |
SSL_RECEIVED_SHUTDOWN); |
| else |
else |
|
|
| app_timer_user(TM_RESET); |
app_timer_user(TM_RESET); |
| for (;;) { |
for (;;) { |
| elapsed = app_timer_real(TM_GET); |
elapsed = app_timer_real(TM_GET); |
| if (elapsed > s_time_config.maxtime) |
if (elapsed > cfg.maxtime) |
| break; |
break; |
| if (scon == NULL) { |
if (scon == NULL) { |
| if ((scon = SSL_new(tm_ctx)) == NULL) |
if ((scon = SSL_new(tm_ctx)) == NULL) |
![[BACK]](/icons/back.gif){kind=icon}
Return to s_time.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / openssl