s_time.c@ 95000

Last change on this file since 95000 was 91772, checked in by vboxsync, 3 years ago
openssl-1.1.1l: Applied and adjusted our OpenSSL changes to 1.1.1l. bugref:10126
File size: 11.9 KB

Line
1	/*
2	* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
3	*
4	* Licensed under the OpenSSL license (the "License"). You may not use
5	* this file except in compliance with the License. You can obtain a copy
6	* in the file LICENSE in the source distribution or at
7	* https://www.openssl.org/source/license.html
8	*/
9
10	#include <stdio.h>
11	#include <stdlib.h>
12	#include <string.h>
13
14	#include <openssl/opensslconf.h>
15
16	#ifndef OPENSSL_NO_SOCK
17
18	#include "apps.h"
19	#include "progs.h"
20	#include <openssl/x509.h>
21	#include <openssl/ssl.h>
22	#include <openssl/pem.h>
23	#include "s_apps.h"
24	#include <openssl/err.h>
25	#include <internal/sockets.h>
26	#if !defined(OPENSSL_SYS_MSDOS)
27	# include OPENSSL_UNISTD
28	#endif
29
30	#define SSL_CONNECT_NAME "localhost:4433"
31
32	#define SECONDS 30
33	#define SECONDSSTR "30"
34
35	static SSL doConnection(SSL scon, const char host, SSL_CTX ctx);
36
37	/*
38	* Define a HTTP get command globally.
39	* Also define the size of the command, this is two bytes less than
40	* the size of the string because the %s is replaced by the URL.
41	*/
42	static const char fmt_http_get_cmd[] = "GET %s HTTP/1.0\r\n\r\n";
43	static const size_t fmt_http_get_cmd_size = sizeof(fmt_http_get_cmd) - 2;
44
45	typedef enum OPTION_choice {
46	OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
47	OPT_CONNECT, OPT_CIPHER, OPT_CIPHERSUITES, OPT_CERT, OPT_NAMEOPT, OPT_KEY,
48	OPT_CAPATH, OPT_CAFILE, OPT_NOCAPATH, OPT_NOCAFILE, OPT_NEW, OPT_REUSE,
49	OPT_BUGS, OPT_VERIFY, OPT_TIME, OPT_SSL3,
50	OPT_WWW
51	} OPTION_CHOICE;
52
53	const OPTIONS s_time_options[] = {
54	{"help", OPT_HELP, '-', "Display this summary"},
55	{"connect", OPT_CONNECT, 's',
56	"Where to connect as post:port (default is " SSL_CONNECT_NAME ")"},
57	{"cipher", OPT_CIPHER, 's', "TLSv1.2 and below cipher list to be used"},
58	{"ciphersuites", OPT_CIPHERSUITES, 's',
59	"Specify TLSv1.3 ciphersuites to be used"},
60	{"cert", OPT_CERT, '<', "Cert file to use, PEM format assumed"},
61	{"nameopt", OPT_NAMEOPT, 's', "Various certificate name options"},
62	{"key", OPT_KEY, '<', "File with key, PEM; default is -cert file"},
63	{"CApath", OPT_CAPATH, '/', "PEM format directory of CA's"},
64	{"cafile", OPT_CAFILE, '<', "PEM format file of CA's"},
65	{"CAfile", OPT_CAFILE, '<', "PEM format file of CA's"},
66	{"no-CAfile", OPT_NOCAFILE, '-',
67	"Do not load the default certificates file"},
68	{"no-CApath", OPT_NOCAPATH, '-',
69	"Do not load certificates from the default certificates directory"},
70	{"new", OPT_NEW, '-', "Just time new connections"},
71	{"reuse", OPT_REUSE, '-', "Just time connection reuse"},
72	{"bugs", OPT_BUGS, '-', "Turn on SSL bug compatibility"},
73	{"verify", OPT_VERIFY, 'p',
74	"Turn on peer certificate verification, set depth"},
75	{"time", OPT_TIME, 'p', "Seconds to collect data, default " SECONDSSTR},
76	{"www", OPT_WWW, 's', "Fetch specified page from the site"},
77	#ifndef OPENSSL_NO_SSL3
78	{"ssl3", OPT_SSL3, '-', "Just use SSLv3"},
79	#endif
80	{NULL}
81	};
82
83	#define START 0
84	#define STOP 1
85
86	static double tm_Time_F(int s)
87	{
88	return app_tminterval(s, 1);
89	}
90
91	int s_time_main(int argc, char **argv)
92	{
93	char buf[1024 * 8];
94	SSL *scon = NULL;
95	SSL_CTX *ctx = NULL;
96	const SSL_METHOD *meth = NULL;
97	char CApath = NULL, CAfile = NULL, cipher = NULL, ciphersuites = NULL;
98	char *www_path = NULL;
99	char host = SSL_CONNECT_NAME, certfile = NULL, keyfile = NULL, prog;
100	double totalTime = 0.0;
101	int noCApath = 0, noCAfile = 0;
102	int maxtime = SECONDS, nConn = 0, perform = 3, ret = 1, i, st_bugs = 0;
103	long bytes_read = 0, finishtime = 0;
104	OPTION_CHOICE o;
105	int max_version = 0, ver, buf_len;
106	size_t buf_size;
107
108	meth = TLS_client_method();
109
110	prog = opt_init(argc, argv, s_time_options);
111	while ((o = opt_next()) != OPT_EOF) {
112	switch (o) {
113	case OPT_EOF:
114	case OPT_ERR:
115	opthelp:
116	BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
117	goto end;
118	case OPT_HELP:
119	opt_help(s_time_options);
120	ret = 0;
121	goto end;
122	case OPT_CONNECT:
123	host = opt_arg();
124	break;
125	case OPT_REUSE:
126	perform = 2;
127	break;
128	case OPT_NEW:
129	perform = 1;
130	break;
131	case OPT_VERIFY:
132	if (!opt_int(opt_arg(), &verify_args.depth))
133	goto opthelp;
134	BIO_printf(bio_err, "%s: verify depth is %d\n",
135	prog, verify_args.depth);
136	break;
137	case OPT_CERT:
138	certfile = opt_arg();
139	break;
140	case OPT_NAMEOPT:
141	if (!set_nameopt(opt_arg()))
142	goto end;
143	break;
144	case OPT_KEY:
145	keyfile = opt_arg();
146	break;
147	case OPT_CAPATH:
148	CApath = opt_arg();
149	break;
150	case OPT_CAFILE:
151	CAfile = opt_arg();
152	break;
153	case OPT_NOCAPATH:
154	noCApath = 1;
155	break;
156	case OPT_NOCAFILE:
157	noCAfile = 1;
158	break;
159	case OPT_CIPHER:
160	cipher = opt_arg();
161	break;
162	case OPT_CIPHERSUITES:
163	ciphersuites = opt_arg();
164	break;
165	case OPT_BUGS:
166	st_bugs = 1;
167	break;
168	case OPT_TIME:
169	if (!opt_int(opt_arg(), &maxtime))
170	goto opthelp;
171	break;
172	case OPT_WWW:
173	www_path = opt_arg();
174	buf_size = strlen(www_path) + fmt_http_get_cmd_size;
175	if (buf_size > sizeof(buf)) {
176	BIO_printf(bio_err, "%s: -www option is too long\n", prog);
177	goto end;
178	}
179	break;
180	case OPT_SSL3:
181	max_version = SSL3_VERSION;
182	break;
183	}
184	}
185	argc = opt_num_rest();
186	if (argc != 0)
187	goto opthelp;
188
189	if (cipher == NULL)
190	cipher = getenv("SSL_CIPHER");
191
192	if ((ctx = SSL_CTX_new(meth)) == NULL)
193	goto end;
194
195	SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
196	SSL_CTX_set_quiet_shutdown(ctx, 1);
197	if (SSL_CTX_set_max_proto_version(ctx, max_version) == 0)
198	goto end;
199
200	if (st_bugs)
201	SSL_CTX_set_options(ctx, SSL_OP_ALL);
202	if (cipher != NULL && !SSL_CTX_set_cipher_list(ctx, cipher))
203	goto end;
204	if (ciphersuites != NULL && !SSL_CTX_set_ciphersuites(ctx, ciphersuites))
205	goto end;
206	if (!set_cert_stuff(ctx, certfile, keyfile))
207	goto end;
208
209	if (!ctx_set_verify_locations(ctx, CAfile, CApath, noCAfile, noCApath)) {
210	ERR_print_errors(bio_err);
211	goto end;
212	}
213	if (!(perform & 1))
214	goto next;
215	printf("Collecting connection statistics for %d seconds\n", maxtime);
216
217	/* Loop and time how long it takes to make connections */
218
219	bytes_read = 0;
220	finishtime = (long)time(NULL) + maxtime;
221	tm_Time_F(START);
222	for (;;) {
223	if (finishtime < (long)time(NULL))
224	break;
225
226	if ((scon = doConnection(NULL, host, ctx)) == NULL)
227	goto end;
228
229	if (www_path != NULL) {
230	buf_len = BIO_snprintf(buf, sizeof(buf), fmt_http_get_cmd,
231	www_path);
232	if (buf_len <= 0 \|\| SSL_write(scon, buf, buf_len) <= 0)
233	goto end;
234	while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
235	bytes_read += i;
236	}
237	SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN \| SSL_RECEIVED_SHUTDOWN);
238	BIO_closesocket(SSL_get_fd(scon));
239
240	nConn += 1;
241	if (SSL_session_reused(scon)) {
242	ver = 'r';
243	} else {
244	ver = SSL_version(scon);
245	if (ver == TLS1_VERSION)
246	ver = 't';
247	else if (ver == SSL3_VERSION)
248	ver = '3';
249	else
250	ver = '*';
251	}
252	fputc(ver, stdout);
253	fflush(stdout);
254
255	SSL_free(scon);
256	scon = NULL;
257	}
258	totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
259
260	i = (int)((long)time(NULL) - finishtime + maxtime);
261	printf
262	("\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n",
263	nConn, totalTime, ((double)nConn / totalTime), bytes_read);
264	printf
265	("%d connections in %ld real seconds, %ld bytes read per connection\n",
266	nConn, (long)time(NULL) - finishtime + maxtime,
267	nConn > 0 ? bytes_read / nConn : 0l);
268
269	/*
270	* Now loop and time connections using the same session id over and over
271	*/
272
273	next:
274	if (!(perform & 2))
275	goto end;
276	printf("\n\nNow timing with session id reuse.\n");
277
278	/* Get an SSL object so we can reuse the session id */
279	if ((scon = doConnection(NULL, host, ctx)) == NULL) {
280	BIO_printf(bio_err, "Unable to get connection\n");
281	goto end;
282	}
283
284	if (www_path != NULL) {
285	buf_len = BIO_snprintf(buf, sizeof(buf), fmt_http_get_cmd, www_path);
286	if (buf_len <= 0 \|\| SSL_write(scon, buf, buf_len) <= 0)
287	goto end;
288	while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
289	continue;
290	}
291	SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN \| SSL_RECEIVED_SHUTDOWN);
292	BIO_closesocket(SSL_get_fd(scon));
293
294	nConn = 0;
295	totalTime = 0.0;
296
297	finishtime = (long)time(NULL) + maxtime;
298
299	printf("starting\n");
300	bytes_read = 0;
301	tm_Time_F(START);
302
303	for (;;) {
304	if (finishtime < (long)time(NULL))
305	break;
306
307	if ((doConnection(scon, host, ctx)) == NULL)
308	goto end;
309
310	if (www_path != NULL) {
311	buf_len = BIO_snprintf(buf, sizeof(buf), fmt_http_get_cmd,
312	www_path);
313	if (buf_len <= 0 \|\| SSL_write(scon, buf, buf_len) <= 0)
314	goto end;
315	while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
316	bytes_read += i;
317	}
318	SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN \| SSL_RECEIVED_SHUTDOWN);
319	BIO_closesocket(SSL_get_fd(scon));
320
321	nConn += 1;
322	if (SSL_session_reused(scon)) {
323	ver = 'r';
324	} else {
325	ver = SSL_version(scon);
326	if (ver == TLS1_VERSION)
327	ver = 't';
328	else if (ver == SSL3_VERSION)
329	ver = '3';
330	else
331	ver = '*';
332	}
333	fputc(ver, stdout);
334	fflush(stdout);
335	}
336	totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
337
338	printf
339	("\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n",
340	nConn, totalTime, ((double)nConn / totalTime), bytes_read);
341	printf
342	("%d connections in %ld real seconds, %ld bytes read per connection\n",
343	nConn, (long)time(NULL) - finishtime + maxtime, bytes_read / nConn);
344
345	ret = 0;
346
347	end:
348	SSL_free(scon);
349	SSL_CTX_free(ctx);
350	return ret;
351	}
352
353	/*-
354	* doConnection - make a connection
355	*/
356	static SSL doConnection(SSL scon, const char host, SSL_CTX ctx)
357	{
358	BIO *conn;
359	SSL *serverCon;
360	int i;
361
362	if ((conn = BIO_new(BIO_s_connect())) == NULL)
363	return NULL;
364
365	BIO_set_conn_hostname(conn, host);
366	BIO_set_conn_mode(conn, BIO_SOCK_NODELAY);
367
368	if (scon == NULL)
369	serverCon = SSL_new(ctx);
370	else {
371	serverCon = scon;
372	SSL_set_connect_state(serverCon);
373	}
374
375	SSL_set_bio(serverCon, conn, conn);
376
377	/* ok, lets connect */
378	i = SSL_connect(serverCon);
379	if (i <= 0) {
380	BIO_printf(bio_err, "ERROR\n");
381	if (verify_args.error != X509_V_OK)
382	BIO_printf(bio_err, "verify error:%s\n",
383	X509_verify_cert_error_string(verify_args.error));
384	else
385	ERR_print_errors(bio_err);
386	if (scon == NULL)
387	SSL_free(serverCon);
388	return NULL;
389	}
390
391	#if defined(SOL_SOCKET) && defined(SO_LINGER)
392	{
393	struct linger no_linger;
394	int fd;
395
396	no_linger.l_onoff = 1;
397	no_linger.l_linger = 0;
398	fd = SSL_get_fd(serverCon);
399	if (fd >= 0)
400	(void)setsockopt(fd, SOL_SOCKET, SO_LINGER, (char*)&no_linger,
401	sizeof(no_linger));
402	}
403	#endif
404
405	return serverCon;
406	}
407	#endif /* OPENSSL_NO_SOCK */

Note: See TracBrowser for help on using the repository browser.

source: vbox/trunk/src/libs/openssl-1.1.1l/apps/s_time.c@ 95000

Download in other formats: