[thirdparty/openssl.git] / apps / s_time.c

/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 *
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 *
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 *
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#define NO_SHUTDOWN

/* ----------------------------------------
   s_time - SSL client connection timer program
   Written and donated by Larry Streepy <streepy@healthcare.com>
  -----------------------------------------*/

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define USE_SOCKETS
#include "apps.h"
#include <openssl/x509.h>
#include <openssl/ssl.h>
#include <openssl/pem.h>
#include "s_apps.h"
#include <openssl/err.h>
#if !defined(OPENSSL_SYS_MSDOS)
# include OPENSSL_UNISTD
#endif

#undef ioctl
#define ioctl ioctlsocket

#define SSL_CONNECT_NAME        "localhost:4433"

/* no default cert. */
/*
 * #define TEST_CERT "client.pem"
 */

#undef BUFSIZZ
#define BUFSIZZ 1024*10

#define MYBUFSIZ 1024*8

#undef min
#undef max
#define min(a,b) (((a) < (b)) ? (a) : (b))
#define max(a,b) (((a) > (b)) ? (a) : (b))

#undef SECONDS
#define SECONDS 30
#define SECONDSSTR "30"

extern int verify_depth;
extern int verify_error;

static SSL *doConnection(SSL *scon, const char *host, SSL_CTX *ctx);

typedef enum OPTION_choice {
    OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
    OPT_CONNECT, OPT_CIPHER, OPT_CERT, OPT_KEY, OPT_CAPATH,
    OPT_CAFILE, OPT_NOCAPATH, OPT_NOCAFILE, OPT_NEW, OPT_REUSE, OPT_BUGS,
    OPT_VERIFY, OPT_TIME, OPT_SSL3,
    OPT_WWW
} OPTION_CHOICE;

OPTIONS s_time_options[] = {
    {"help", OPT_HELP, '-', "Display this summary"},
    {"connect", OPT_CONNECT, 's',
     "Where to connect as post:port (default is " SSL_CONNECT_NAME ")"},
    {"cipher", OPT_CIPHER, 's', "Cipher to use, see 'openssl ciphers'"},
    {"cert", OPT_CERT, '<', "Cert file to use, PEM format assumed"},
    {"key", OPT_KEY, '<', "File with key, PEM; default is -cert file"},
    {"CApath", OPT_CAPATH, '/', "PEM format directory of CA's"},
    {"cafile", OPT_CAFILE, '<', "PEM format file of CA's"},
    {"no-CAfile", OPT_NOCAFILE, '-',
     "Do not load the default certificates file"},
    {"no-CApath", OPT_NOCAPATH, '-',
     "Do not load certificates from the default certificates directory"},
    {"new", OPT_NEW, '-', "Just time new connections"},
    {"reuse", OPT_REUSE, '-', "Just time connection reuse"},
    {"bugs", OPT_BUGS, '-', "Turn on SSL bug compatibility"},
    {"verify", OPT_VERIFY, 'p',
     "Turn on peer certificate verification, set depth"},
    {"time", OPT_TIME, 'p', "Sf seconds to collect data, default" SECONDSSTR},
    {"www", OPT_WWW, 's', "Fetch specified page from the site"},
#ifndef OPENSSL_NO_SSL3
    {"ssl3", OPT_SSL3, '-', "Just use SSLv3"},
#endif
    {NULL}
};

#define START   0
#define STOP    1

static double tm_Time_F(int s)
{
    return app_tminterval(s, 1);
}

int s_time_main(int argc, char **argv)
{
    char buf[1024 * 8];
    SSL *scon = NULL;
    SSL_CTX *ctx = NULL;
    const SSL_METHOD *meth = NULL;
    char *CApath = NULL, *CAfile = NULL, *cipher = NULL, *www_path = NULL;
    char *host = SSL_CONNECT_NAME, *certfile = NULL, *keyfile = NULL, *prog;
    double totalTime = 0.0;
    int noCApath = 0, noCAfile = 0;
    int maxtime = SECONDS, nConn = 0, perform = 3, ret = 1, i, st_bugs =
        0, ver;
    long bytes_read = 0, finishtime = 0;
    OPTION_CHOICE o;

    meth = TLS_client_method();
    verify_depth = 0;
    verify_error = X509_V_OK;

    prog = opt_init(argc, argv, s_time_options);
    while ((o = opt_next()) != OPT_EOF) {
        switch (o) {
        case OPT_EOF:
        case OPT_ERR:
 opthelp:
            BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
            goto end;
        case OPT_HELP:
            opt_help(s_time_options);
            ret = 0;
            goto end;
        case OPT_CONNECT:
            host = opt_arg();
            break;
        case OPT_REUSE:
            perform = 2;
            break;
        case OPT_NEW:
            perform = 1;
            break;
        case OPT_VERIFY:
            if (!opt_int(opt_arg(), &verify_depth))
                goto opthelp;
            BIO_printf(bio_err, "%s: verify depth is %d\n",
                       prog, verify_depth);
            break;
        case OPT_CERT:
            certfile = opt_arg();
            break;
        case OPT_KEY:
            keyfile = opt_arg();
            break;
        case OPT_CAPATH:
            CApath = opt_arg();
            break;
        case OPT_CAFILE:
            CAfile = opt_arg();
            break;
        case OPT_NOCAPATH:
            noCApath = 1;
            break;
        case OPT_NOCAFILE:
            noCAfile = 1;
            break;
        case OPT_CIPHER:
            cipher = opt_arg();
            break;
        case OPT_BUGS:
            st_bugs = 1;
            break;
        case OPT_TIME:
            if (!opt_int(opt_arg(), &maxtime))
                goto opthelp;
            break;
        case OPT_WWW:
            www_path = opt_arg();
            if (strlen(www_path) > MYBUFSIZ - 100) {
                BIO_printf(bio_err, "%s: -www option too long\n", prog);
                goto end;
            }
            break;
        case OPT_SSL3:
#ifndef OPENSSL_NO_SSL3
            meth = SSLv3_client_method();
#endif
            break;
        }
    }
    argc = opt_num_rest();
    argv = opt_rest();

    if (cipher == NULL)
        cipher = getenv("SSL_CIPHER");
    if (cipher == NULL) {
        BIO_printf(bio_err, "No CIPHER specified\n");
        goto end;
    }

    if ((ctx = SSL_CTX_new(meth)) == NULL)
        goto end;

    SSL_CTX_set_quiet_shutdown(ctx, 1);

    if (st_bugs)
        SSL_CTX_set_options(ctx, SSL_OP_ALL);
    if (!SSL_CTX_set_cipher_list(ctx, cipher))
        goto end;
    if (!set_cert_stuff(ctx, certfile, keyfile))
        goto end;

    if (!ctx_set_verify_locations(ctx, CAfile, CApath, noCAfile, noCApath)) {
        ERR_print_errors(bio_err);
        goto end;
    }
    if (!(perform & 1))
        goto next;
    printf("Collecting connection statistics for %d seconds\n", maxtime);

    /* Loop and time how long it takes to make connections */

    bytes_read = 0;
    finishtime = (long)time(NULL) + maxtime;
    tm_Time_F(START);
    for (;;) {
        if (finishtime < (long)time(NULL))
            break;

        if ((scon = doConnection(NULL, host, ctx)) == NULL)
            goto end;

        if (www_path != NULL) {
            BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n",
                         www_path);
            if (SSL_write(scon, buf, strlen(buf)) <= 0)
                goto end;
            while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
                bytes_read += i;
        }
#ifdef NO_SHUTDOWN
        SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
#else
        SSL_shutdown(scon);
#endif
        SHUTDOWN2(SSL_get_fd(scon));

        nConn += 1;
        if (SSL_session_reused(scon))
            ver = 'r';
        else {
            ver = SSL_version(scon);
            if (ver == TLS1_VERSION)
                ver = 't';
            else if (ver == SSL3_VERSION)
                ver = '3';
            else
                ver = '*';
        }
        fputc(ver, stdout);
        fflush(stdout);

        SSL_free(scon);
        scon = NULL;
    }
    totalTime += tm_Time_F(STOP); /* Add the time for this iteration */

    i = (int)((long)time(NULL) - finishtime + maxtime);
    printf
        ("\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n",
         nConn, totalTime, ((double)nConn / totalTime), bytes_read);
    printf
        ("%d connections in %ld real seconds, %ld bytes read per connection\n",
         nConn, (long)time(NULL) - finishtime + maxtime, bytes_read / nConn);

    /*
     * Now loop and time connections using the same session id over and over
     */

 next:
    if (!(perform & 2))
        goto end;
    printf("\n\nNow timing with session id reuse.\n");

    /* Get an SSL object so we can reuse the session id */
    if ((scon = doConnection(NULL, host, ctx)) == NULL) {
        BIO_printf(bio_err, "Unable to get connection\n");
        goto end;
    }

    if (www_path != NULL) {
        BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n", www_path);
        if (SSL_write(scon, buf, strlen(buf)) <= 0)
            goto end;
        while (SSL_read(scon, buf, sizeof(buf)) > 0)
            continue;
    }
#ifdef NO_SHUTDOWN
    SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
#else
    SSL_shutdown(scon);
#endif
    SHUTDOWN2(SSL_get_fd(scon));

    nConn = 0;
    totalTime = 0.0;

    finishtime = (long)time(NULL) + maxtime;

    printf("starting\n");
    bytes_read = 0;
    tm_Time_F(START);

    for (;;) {
        if (finishtime < (long)time(NULL))
            break;

        if ((doConnection(scon, host, ctx)) == NULL)
            goto end;

        if (www_path) {
            BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n",
                         www_path);
            if (SSL_write(scon, buf, strlen(buf)) <= 0)
                goto end;
            while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
                bytes_read += i;
        }
#ifdef NO_SHUTDOWN
        SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
#else
        SSL_shutdown(scon);
#endif
        SHUTDOWN2(SSL_get_fd(scon));

        nConn += 1;
        if (SSL_session_reused(scon))
            ver = 'r';
        else {
            ver = SSL_version(scon);
            if (ver == TLS1_VERSION)
                ver = 't';
            else if (ver == SSL3_VERSION)
                ver = '3';
            else
                ver = '*';
        }
        fputc(ver, stdout);
        fflush(stdout);
    }
    totalTime += tm_Time_F(STOP); /* Add the time for this iteration */

    printf
        ("\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n",
         nConn, totalTime, ((double)nConn / totalTime), bytes_read);
    printf
        ("%d connections in %ld real seconds, %ld bytes read per connection\n",
         nConn, (long)time(NULL) - finishtime + maxtime, bytes_read / nConn);

    ret = 0;

 end:
    SSL_free(scon);
    SSL_CTX_free(ctx);
    return (ret);
}

/*-
 * doConnection - make a connection
 */
static SSL *doConnection(SSL *scon, const char *host, SSL_CTX *ctx)
{
    BIO *conn;
    SSL *serverCon;
    int width, i;
    fd_set readfds;

    if ((conn = BIO_new(BIO_s_connect())) == NULL)
        return (NULL);

    BIO_set_conn_hostname(conn, host);

    if (scon == NULL)
        serverCon = SSL_new(ctx);
    else {
        serverCon = scon;
        SSL_set_connect_state(serverCon);
    }

    SSL_set_bio(serverCon, conn, conn);

    /* ok, lets connect */
    for (;;) {
        i = SSL_connect(serverCon);
        if (BIO_sock_should_retry(i)) {
            BIO_printf(bio_err, "DELAY\n");

            i = SSL_get_fd(serverCon);
            width = i + 1;
            FD_ZERO(&readfds);
            openssl_fdset(i, &readfds);
            /*
             * Note: under VMS with SOCKETSHR the 2nd parameter is currently
             * of type (int *) whereas under other systems it is (void *) if
             * you don't have a cast it will choke the compiler: if you do
             * have a cast then you can either go for (int *) or (void *).
             */
            select(width, (void *)&readfds, NULL, NULL, NULL);
            continue;
        }
        break;
    }
    if (i <= 0) {
        BIO_printf(bio_err, "ERROR\n");
        if (verify_error != X509_V_OK)
            BIO_printf(bio_err, "verify error:%s\n",
                       X509_verify_cert_error_string(verify_error));
        else
            ERR_print_errors(bio_err);
        if (scon == NULL)
            SSL_free(serverCon);
        return NULL;
    }

    return serverCon;
}
Commit	Line	Data
58964a49	1	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
d02b48c6 RE	2	* All rights reserved.
	3	*
	4	* This package is an SSL implementation written
	5	* by Eric Young (eay@cryptsoft.com).
	6	* The implementation was written so as to conform with Netscapes SSL.
0f113f3e	7	*
d02b48c6 RE	8	* This library is free for commercial and non-commercial use as long as
	9	* the following conditions are aheared to. The following conditions
	10	* apply to all code found in this distribution, be it the RC4, RSA,
	11	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
	12	* included with this distribution is covered by the same copyright terms
	13	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
0f113f3e	14	*
d02b48c6 RE	15	* Copyright remains Eric Young's, and as such any Copyright notices in
	16	* the code are not to be removed.
	17	* If this package is used in a product, Eric Young should be given attribution
	18	* as the author of the parts of the library used.
	19	* This can be in the form of a textual message at program startup or
	20	* in documentation (online or textual) provided with the package.
0f113f3e	21	*
d02b48c6 RE	22	* Redistribution and use in source and binary forms, with or without
	23	* modification, are permitted provided that the following conditions
	24	* are met:
	25	* 1. Redistributions of source code must retain the copyright
	26	* notice, this list of conditions and the following disclaimer.
	27	* 2. Redistributions in binary form must reproduce the above copyright
	28	* notice, this list of conditions and the following disclaimer in the
	29	* documentation and/or other materials provided with the distribution.
	30	* 3. All advertising materials mentioning features or use of this software
	31	* must display the following acknowledgement:
	32	* "This product includes cryptographic software written by
	33	* Eric Young (eay@cryptsoft.com)"
	34	* The word 'cryptographic' can be left out if the rouines from the library
	35	* being used are not cryptographic related :-).
0f113f3e	36	* 4. If you include any Windows specific code (or a derivative thereof) from
d02b48c6 RE	37	* the apps directory (application code) you must include an acknowledgement:
d02b48c6 RE	38	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
0f113f3e	39	*
d02b48c6 RE	40	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
	41	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	42	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	43	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
	44	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	45	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	46	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	48	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	49	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	50	* SUCH DAMAGE.
0f113f3e	51	*
d02b48c6 RE	52	* The licence and distribution terms for any publically available version or
	53	* derivative of this code cannot be changed. i.e. this code cannot simply be
	54	* copied and put under another distribution licence
	55	* [including the GNU Public Licence.]
	56	*/
	57
58964a49	58	#define NO_SHUTDOWN
d02b48c6	59
0f113f3e	60	/* ----------------------------------------
b6cff93d	61	s_time - SSL client connection timer program
d02b48c6 RE	62	Written and donated by Larry Streepy <streepy@healthcare.com>
	63	-----------------------------------------*/
	64
	65	#include <stdio.h>
	66	#include <stdlib.h>
	67	#include <string.h>
	68
a4a8f7b3 RL	69	#define USE_SOCKETS
a4a8f7b3 RL	70	#include "apps.h"
ec577822 BM	71	#include <openssl/x509.h>
	72	#include <openssl/ssl.h>
	73	#include <openssl/pem.h>
d02b48c6	74	#include "s_apps.h"
ec577822	75	#include <openssl/err.h>
f559f31b	76	#if !defined(OPENSSL_SYS_MSDOS)
0f113f3e	77	# include OPENSSL_UNISTD
f559f31b	78	#endif
d02b48c6	79
7d7d2cbc	80	#undef ioctl
d02b48c6 RE	81	#define ioctl ioctlsocket
d02b48c6 RE	82
0f113f3e	83	#define SSL_CONNECT_NAME "localhost:4433"
d02b48c6	84
e636e2ac	85	/* no default cert. */
0f113f3e MC	86	/*
	87	* #define TEST_CERT "client.pem"
	88	*/
d02b48c6 RE	89
	90	#undef BUFSIZZ
	91	#define BUFSIZZ 1024*10
	92
54a656ef BL	93	#define MYBUFSIZ 1024*8
54a656ef BL	94
3e83e686 RL	95	#undef min
3e83e686 RL	96	#undef max
d02b48c6 RE	97	#define min(a,b) (((a) < (b)) ? (a) : (b))
	98	#define max(a,b) (((a) > (b)) ? (a) : (b))
	99
	100	#undef SECONDS
0f113f3e	101	#define SECONDS 30
7e1b7485 RS	102	#define SECONDSSTR "30"
7e1b7485 RS	103
d02b48c6 RE	104	extern int verify_depth;
	105	extern int verify_error;
	106
7e1b7485	107	static SSL doConnection(SSL scon, const char host, SSL_CTX ctx);
d02b48c6	108
7e1b7485 RS	109	typedef enum OPTION_choice {
	110	OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
	111	OPT_CONNECT, OPT_CIPHER, OPT_CERT, OPT_KEY, OPT_CAPATH,
2b6bcb70 MC	112	OPT_CAFILE, OPT_NOCAPATH, OPT_NOCAFILE, OPT_NEW, OPT_REUSE, OPT_BUGS,
2b6bcb70 MC	113	OPT_VERIFY, OPT_TIME, OPT_SSL3,
7e1b7485 RS	114	OPT_WWW
	115	} OPTION_CHOICE;
	116
	117	OPTIONS s_time_options[] = {
	118	{"help", OPT_HELP, '-', "Display this summary"},
	119	{"connect", OPT_CONNECT, 's',
	120	"Where to connect as post:port (default is " SSL_CONNECT_NAME ")"},
	121	{"cipher", OPT_CIPHER, 's', "Cipher to use, see 'openssl ciphers'"},
	122	{"cert", OPT_CERT, '<', "Cert file to use, PEM format assumed"},
	123	{"key", OPT_KEY, '<', "File with key, PEM; default is -cert file"},
	124	{"CApath", OPT_CAPATH, '/', "PEM format directory of CA's"},
	125	{"cafile", OPT_CAFILE, '<', "PEM format file of CA's"},
2b6bcb70 MC	126	{"no-CAfile", OPT_NOCAFILE, '-',
	127	"Do not load the default certificates file"},
	128	{"no-CApath", OPT_NOCAPATH, '-',
	129	"Do not load certificates from the default certificates directory"},
7e1b7485 RS	130	{"new", OPT_NEW, '-', "Just time new connections"},
	131	{"reuse", OPT_REUSE, '-', "Just time connection reuse"},
	132	{"bugs", OPT_BUGS, '-', "Turn on SSL bug compatibility"},
	133	{"verify", OPT_VERIFY, 'p',
	134	"Turn on peer certificate verification, set depth"},
	135	{"time", OPT_TIME, 'p', "Sf seconds to collect data, default" SECONDSSTR},
	136	{"www", OPT_WWW, 's', "Fetch specified page from the site"},
	137	#ifndef OPENSSL_NO_SSL3
	138	{"ssl3", OPT_SSL3, '-', "Just use SSLv3"},
d02b48c6	139	#endif
7e1b7485 RS	140	{NULL}
7e1b7485 RS	141	};
d02b48c6	142
7e1b7485 RS	143	#define START 0
7e1b7485 RS	144	#define STOP 1
58964a49	145
7e1b7485	146	static double tm_Time_F(int s)
d02b48c6	147	{
7e1b7485	148	return app_tminterval(s, 1);
d02b48c6 RE	149	}
d02b48c6 RE	150
7e1b7485	151	int s_time_main(int argc, char **argv)
d02b48c6	152	{
7e1b7485 RS	153	char buf[1024 * 8];
	154	SSL *scon = NULL;
	155	SSL_CTX *ctx = NULL;
	156	const SSL_METHOD *meth = NULL;
	157	char CApath = NULL, CAfile = NULL, cipher = NULL, www_path = NULL;
	158	char host = SSL_CONNECT_NAME, certfile = NULL, keyfile = NULL, prog;
	159	double totalTime = 0.0;
2b6bcb70	160	int noCApath = 0, noCAfile = 0;
7e1b7485 RS	161	int maxtime = SECONDS, nConn = 0, perform = 3, ret = 1, i, st_bugs =
	162	0, ver;
	163	long bytes_read = 0, finishtime = 0;
	164	OPTION_CHOICE o;
d02b48c6	165
13c9bb3e	166	meth = TLS_client_method();
0f113f3e MC	167	verify_depth = 0;
0f113f3e MC	168	verify_error = X509_V_OK;
d02b48c6	169
7e1b7485 RS	170	prog = opt_init(argc, argv, s_time_options);
	171	while ((o = opt_next()) != OPT_EOF) {
	172	switch (o) {
	173	case OPT_EOF:
	174	case OPT_ERR:
	175	opthelp:
	176	BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
	177	goto end;
	178	case OPT_HELP:
	179	opt_help(s_time_options);
	180	ret = 0;
	181	goto end;
	182	case OPT_CONNECT:
	183	host = opt_arg();
	184	break;
	185	case OPT_REUSE:
0f113f3e	186	perform = 2;
7e1b7485 RS	187	break;
7e1b7485 RS	188	case OPT_NEW:
0f113f3e	189	perform = 1;
7e1b7485 RS	190	break;
	191	case OPT_VERIFY:
	192	if (!opt_int(opt_arg(), &verify_depth))
	193	goto opthelp;
	194	BIO_printf(bio_err, "%s: verify depth is %d\n",
	195	prog, verify_depth);
	196	break;
	197	case OPT_CERT:
	198	certfile = opt_arg();
	199	break;
	200	case OPT_KEY:
	201	keyfile = opt_arg();
	202	break;
	203	case OPT_CAPATH:
	204	CApath = opt_arg();
	205	break;
	206	case OPT_CAFILE:
	207	CAfile = opt_arg();
	208	break;
2b6bcb70 MC	209	case OPT_NOCAPATH:
	210	noCApath = 1;
	211	break;
	212	case OPT_NOCAFILE:
	213	noCAfile = 1;
	214	break;
7e1b7485 RS	215	case OPT_CIPHER:
	216	cipher = opt_arg();
	217	break;
	218	case OPT_BUGS:
0f113f3e	219	st_bugs = 1;
7e1b7485 RS	220	break;
	221	case OPT_TIME:
	222	if (!opt_int(opt_arg(), &maxtime))
	223	goto opthelp;
	224	break;
	225	case OPT_WWW:
	226	www_path = opt_arg();
	227	if (strlen(www_path) > MYBUFSIZ - 100) {
	228	BIO_printf(bio_err, "%s: -www option too long\n", prog);
	229	goto end;
dfef52f6	230	}
0f113f3e	231	break;
7e1b7485	232	case OPT_SSL3:
9c3bcfa0	233	#ifndef OPENSSL_NO_SSL3
7e1b7485	234	meth = SSLv3_client_method();
7e1b7485	235	#endif
9c3bcfa0	236	break;
0f113f3e	237	}
d02b48c6	238	}
7e1b7485 RS	239	argc = opt_num_rest();
7e1b7485 RS	240	argv = opt_rest();
d02b48c6	241
7e1b7485 RS	242	if (cipher == NULL)
	243	cipher = getenv("SSL_CIPHER");
	244	if (cipher == NULL) {
7768e116	245	BIO_printf(bio_err, "No CIPHER specified\n");
7e1b7485	246	goto end;
d02b48c6 RE	247	}
d02b48c6 RE	248
7e1b7485	249	if ((ctx = SSL_CTX_new(meth)) == NULL)
0f113f3e MC	250	goto end;
0f113f3e MC	251
7e1b7485	252	SSL_CTX_set_quiet_shutdown(ctx, 1);
0f113f3e MC	253
0f113f3e MC	254	if (st_bugs)
7e1b7485 RS	255	SSL_CTX_set_options(ctx, SSL_OP_ALL);
7e1b7485 RS	256	if (!SSL_CTX_set_cipher_list(ctx, cipher))
ac59d705	257	goto end;
7e1b7485	258	if (!set_cert_stuff(ctx, certfile, keyfile))
0f113f3e MC	259	goto end;
0f113f3e MC	260
2b6bcb70	261	if (!ctx_set_verify_locations(ctx, CAfile, CApath, noCAfile, noCApath)) {
0f113f3e	262	ERR_print_errors(bio_err);
7e1b7485	263	goto end;
0f113f3e	264	}
0f113f3e MC	265	if (!(perform & 1))
0f113f3e MC	266	goto next;
7e1b7485	267	printf("Collecting connection statistics for %d seconds\n", maxtime);
d02b48c6	268
0f113f3e	269	/* Loop and time how long it takes to make connections */
d02b48c6	270
0f113f3e	271	bytes_read = 0;
7e1b7485	272	finishtime = (long)time(NULL) + maxtime;
0f113f3e MC	273	tm_Time_F(START);
	274	for (;;) {
	275	if (finishtime < (long)time(NULL))
	276	break;
d02b48c6	277
7e1b7485	278	if ((scon = doConnection(NULL, host, ctx)) == NULL)
0f113f3e	279	goto end;
d02b48c6	280
7e1b7485	281	if (www_path != NULL) {
0f113f3e	282	BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n",
7e1b7485	283	www_path);
61986d32	284	if (SSL_write(scon, buf, strlen(buf)) <= 0)
ac59d705	285	goto end;
0f113f3e MC	286	while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
	287	bytes_read += i;
	288	}
d02b48c6	289	#ifdef NO_SHUTDOWN
0f113f3e	290	SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN \| SSL_RECEIVED_SHUTDOWN);
d02b48c6	291	#else
0f113f3e	292	SSL_shutdown(scon);
d02b48c6	293	#endif
0f113f3e MC	294	SHUTDOWN2(SSL_get_fd(scon));
	295
	296	nConn += 1;
	297	if (SSL_session_reused(scon))
	298	ver = 'r';
	299	else {
	300	ver = SSL_version(scon);
	301	if (ver == TLS1_VERSION)
	302	ver = 't';
	303	else if (ver == SSL3_VERSION)
	304	ver = '3';
	305	else
	306	ver = '*';
	307	}
	308	fputc(ver, stdout);
	309	fflush(stdout);
	310
	311	SSL_free(scon);
	312	scon = NULL;
	313	}
	314	totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
	315
7e1b7485	316	i = (int)((long)time(NULL) - finishtime + maxtime);
0f113f3e MC	317	printf
	318	("\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n",
	319	nConn, totalTime, ((double)nConn / totalTime), bytes_read);
	320	printf
	321	("%d connections in %ld real seconds, %ld bytes read per connection\n",
7e1b7485	322	nConn, (long)time(NULL) - finishtime + maxtime, bytes_read / nConn);
0f113f3e MC	323
	324	/*
	325	* Now loop and time connections using the same session id over and over
	326	*/
	327
	328	next:
	329	if (!(perform & 2))
	330	goto end;
	331	printf("\n\nNow timing with session id reuse.\n");
	332
	333	/* Get an SSL object so we can reuse the session id */
7e1b7485	334	if ((scon = doConnection(NULL, host, ctx)) == NULL) {
7768e116	335	BIO_printf(bio_err, "Unable to get connection\n");
0f113f3e MC	336	goto end;
	337	}
	338
7e1b7485 RS	339	if (www_path != NULL) {
7e1b7485 RS	340	BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n", www_path);
61986d32	341	if (SSL_write(scon, buf, strlen(buf)) <= 0)
ac59d705	342	goto end;
7e1b7485 RS	343	while (SSL_read(scon, buf, sizeof(buf)) > 0)
7e1b7485 RS	344	continue;
0f113f3e	345	}
d02b48c6	346	#ifdef NO_SHUTDOWN
0f113f3e	347	SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN \| SSL_RECEIVED_SHUTDOWN);
d02b48c6	348	#else
0f113f3e	349	SSL_shutdown(scon);
d02b48c6	350	#endif
0f113f3e MC	351	SHUTDOWN2(SSL_get_fd(scon));
	352
	353	nConn = 0;
	354	totalTime = 0.0;
d02b48c6	355
7e1b7485	356	finishtime = (long)time(NULL) + maxtime;
d02b48c6	357
0f113f3e MC	358	printf("starting\n");
	359	bytes_read = 0;
	360	tm_Time_F(START);
d02b48c6	361
0f113f3e MC	362	for (;;) {
	363	if (finishtime < (long)time(NULL))
	364	break;
d02b48c6	365
7e1b7485	366	if ((doConnection(scon, host, ctx)) == NULL)
0f113f3e	367	goto end;
d02b48c6	368
7e1b7485	369	if (www_path) {
0f113f3e	370	BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n",
7e1b7485	371	www_path);
61986d32	372	if (SSL_write(scon, buf, strlen(buf)) <= 0)
ac59d705	373	goto end;
0f113f3e MC	374	while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
	375	bytes_read += i;
	376	}
d02b48c6	377	#ifdef NO_SHUTDOWN
0f113f3e	378	SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN \| SSL_RECEIVED_SHUTDOWN);
d02b48c6	379	#else
0f113f3e	380	SSL_shutdown(scon);
d02b48c6	381	#endif
0f113f3e MC	382	SHUTDOWN2(SSL_get_fd(scon));
	383
	384	nConn += 1;
	385	if (SSL_session_reused(scon))
	386	ver = 'r';
	387	else {
	388	ver = SSL_version(scon);
	389	if (ver == TLS1_VERSION)
	390	ver = 't';
	391	else if (ver == SSL3_VERSION)
	392	ver = '3';
	393	else
	394	ver = '*';
	395	}
	396	fputc(ver, stdout);
	397	fflush(stdout);
	398	}
	399	totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
	400
	401	printf
	402	("\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n",
	403	nConn, totalTime, ((double)nConn / totalTime), bytes_read);
	404	printf
	405	("%d connections in %ld real seconds, %ld bytes read per connection\n",
7e1b7485	406	nConn, (long)time(NULL) - finishtime + maxtime, bytes_read / nConn);
0f113f3e MC	407
0f113f3e MC	408	ret = 0;
7e1b7485	409
0f113f3e	410	end:
62adbcee	411	SSL_free(scon);
7e1b7485 RS	412	SSL_CTX_free(ctx);
7e1b7485 RS	413	return (ret);
0f113f3e	414	}
d02b48c6	415
c80fd6b2	416	/*-
d02b48c6	417	* doConnection - make a connection
d02b48c6	418	*/
7e1b7485	419	static SSL doConnection(SSL scon, const char host, SSL_CTX ctx)
0f113f3e MC	420	{
	421	BIO *conn;
	422	SSL *serverCon;
	423	int width, i;
	424	fd_set readfds;
	425
	426	if ((conn = BIO_new(BIO_s_connect())) == NULL)
	427	return (NULL);
	428
0f113f3e MC	429	BIO_set_conn_hostname(conn, host);
	430
	431	if (scon == NULL)
7e1b7485	432	serverCon = SSL_new(ctx);
0f113f3e MC	433	else {
	434	serverCon = scon;
	435	SSL_set_connect_state(serverCon);
	436	}
d02b48c6	437
0f113f3e	438	SSL_set_bio(serverCon, conn, conn);
d02b48c6	439
0f113f3e MC	440	/* ok, lets connect */
	441	for (;;) {
	442	i = SSL_connect(serverCon);
	443	if (BIO_sock_should_retry(i)) {
	444	BIO_printf(bio_err, "DELAY\n");
	445
	446	i = SSL_get_fd(serverCon);
	447	width = i + 1;
	448	FD_ZERO(&readfds);
	449	openssl_fdset(i, &readfds);
	450	/*
	451	* Note: under VMS with SOCKETSHR the 2nd parameter is currently
	452	* of type (int ) whereas under other systems it is (void ) if
	453	* you don't have a cast it will choke the compiler: if you do
	454	* have a cast then you can either go for (int ) or (void ).
	455	*/
	456	select(width, (void *)&readfds, NULL, NULL, NULL);
	457	continue;
	458	}
	459	break;
	460	}
	461	if (i <= 0) {
	462	BIO_printf(bio_err, "ERROR\n");
	463	if (verify_error != X509_V_OK)
	464	BIO_printf(bio_err, "verify error:%s\n",
	465	X509_verify_cert_error_string(verify_error));
	466	else
	467	ERR_print_errors(bio_err);
	468	if (scon == NULL)
	469	SSL_free(serverCon);
	470	return NULL;
	471	}
d02b48c6	472
0f113f3e MC	473	return serverCon;
0f113f3e MC	474	}