]>
git.ipfire.org Git - thirdparty/openssl.git/blob - apps/s_time.c
2 * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
14 #include <openssl/opensslconf.h>
16 #ifndef OPENSSL_NO_SOCK
20 #include <openssl/x509.h>
21 #include <openssl/ssl.h>
22 #include <openssl/pem.h>
24 #include <openssl/err.h>
25 #include "internal/sockets.h"
26 #if !defined(OPENSSL_SYS_MSDOS)
30 #define SSL_CONNECT_NAME "localhost:4433"
33 #define SECONDSSTR "30"
35 static SSL
*doConnection(SSL
*scon
, const char *host
, SSL_CTX
*ctx
);
38 * Define a HTTP get command globally.
39 * Also define the size of the command, this is two bytes less than
40 * the size of the string because the %s is replaced by the URL.
42 static const char fmt_http_get_cmd
[] = "GET %s HTTP/1.0\r\n\r\n";
43 static const size_t fmt_http_get_cmd_size
= sizeof(fmt_http_get_cmd
) - 2;
45 typedef enum OPTION_choice
{
47 OPT_CONNECT
, OPT_CIPHER
, OPT_CIPHERSUITES
, OPT_CERT
, OPT_NAMEOPT
, OPT_KEY
,
48 OPT_CAPATH
, OPT_CAFILE
, OPT_CASTORE
,
49 OPT_NOCAPATH
, OPT_NOCAFILE
, OPT_NOCASTORE
,
50 OPT_NEW
, OPT_REUSE
, OPT_BUGS
, OPT_VERIFY
, OPT_TIME
, OPT_SSL3
,
51 OPT_WWW
, OPT_TLS1
, OPT_TLS1_1
, OPT_TLS1_2
, OPT_TLS1_3
,
55 const OPTIONS s_time_options
[] = {
56 OPT_SECTION("General"),
57 {"help", OPT_HELP
, '-', "Display this summary"},
59 OPT_SECTION("Connection"),
60 {"connect", OPT_CONNECT
, 's',
61 "Where to connect as post:port (default is " SSL_CONNECT_NAME
")"},
62 {"new", OPT_NEW
, '-', "Just time new connections"},
63 {"reuse", OPT_REUSE
, '-', "Just time connection reuse"},
64 {"bugs", OPT_BUGS
, '-', "Turn on SSL bug compatibility"},
65 {"cipher", OPT_CIPHER
, 's', "TLSv1.2 and below cipher list to be used"},
66 {"ciphersuites", OPT_CIPHERSUITES
, 's',
67 "Specify TLSv1.3 ciphersuites to be used"},
68 #ifndef OPENSSL_NO_SSL3
69 {"ssl3", OPT_SSL3
, '-', "Just use SSLv3"},
71 #ifndef OPENSSL_NO_TLS1
72 {"tls1", OPT_TLS1
, '-', "Just use TLSv1.0"},
74 #ifndef OPENSSL_NO_TLS1_1
75 {"tls1_1", OPT_TLS1_1
, '-', "Just use TLSv1.1"},
77 #ifndef OPENSSL_NO_TLS1_2
78 {"tls1_2", OPT_TLS1_2
, '-', "Just use TLSv1.2"},
80 #ifndef OPENSSL_NO_TLS1_3
81 {"tls1_3", OPT_TLS1_3
, '-', "Just use TLSv1.3"},
83 {"verify", OPT_VERIFY
, 'p',
84 "Turn on peer certificate verification, set depth"},
85 {"time", OPT_TIME
, 'p', "Seconds to collect data, default " SECONDSSTR
},
86 {"www", OPT_WWW
, 's', "Fetch specified page from the site"},
88 OPT_SECTION("Certificate"),
89 {"nameopt", OPT_NAMEOPT
, 's', "Certificate subject/issuer name printing options"},
90 {"cert", OPT_CERT
, '<', "Cert file to use, PEM format assumed"},
91 {"key", OPT_KEY
, '<', "File with key, PEM; default is -cert file"},
92 {"cafile", OPT_CAFILE
, '<', "PEM format file of CA's"},
93 {"CAfile", OPT_CAFILE
, '<', "PEM format file of CA's"},
94 {"CApath", OPT_CAPATH
, '/', "PEM format directory of CA's"},
95 {"CAstore", OPT_CASTORE
, ':', "URI to store of CA's"},
96 {"no-CAfile", OPT_NOCAFILE
, '-',
97 "Do not load the default certificates file"},
98 {"no-CApath", OPT_NOCAPATH
, '-',
99 "Do not load certificates from the default certificates directory"},
100 {"no-CAstore", OPT_NOCASTORE
, '-',
101 "Do not load certificates from the default certificates store URI"},
110 static double tm_Time_F(int s
)
112 return app_tminterval(s
, 1);
115 int s_time_main(int argc
, char **argv
)
120 const SSL_METHOD
*meth
= NULL
;
121 char *CApath
= NULL
, *CAfile
= NULL
, *CAstore
= NULL
;
122 char *cipher
= NULL
, *ciphersuites
= NULL
;
123 char *www_path
= NULL
;
124 char *host
= SSL_CONNECT_NAME
, *certfile
= NULL
, *keyfile
= NULL
, *prog
;
125 double totalTime
= 0.0;
126 int noCApath
= 0, noCAfile
= 0, noCAstore
= 0;
127 int maxtime
= SECONDS
, nConn
= 0, perform
= 3, ret
= 1, i
, st_bugs
= 0;
128 long bytes_read
= 0, finishtime
= 0;
130 int min_version
= 0, max_version
= 0, ver
, buf_len
, fd
;
133 meth
= TLS_client_method();
135 prog
= opt_init(argc
, argv
, s_time_options
);
136 while ((o
= opt_next()) != OPT_EOF
) {
141 BIO_printf(bio_err
, "%s: Use -help for summary.\n", prog
);
144 opt_help(s_time_options
);
157 verify_args
.depth
= opt_int_arg();
158 BIO_printf(bio_err
, "%s: verify depth is %d\n",
159 prog
, verify_args
.depth
);
162 certfile
= opt_arg();
165 if (!set_nameopt(opt_arg()))
192 case OPT_CIPHERSUITES
:
193 ciphersuites
= opt_arg();
199 maxtime
= opt_int_arg();
202 www_path
= opt_arg();
203 buf_size
= strlen(www_path
) + fmt_http_get_cmd_size
;
204 if (buf_size
> sizeof(buf
)) {
205 BIO_printf(bio_err
, "%s: -www option is too long\n", prog
);
210 min_version
= SSL3_VERSION
;
211 max_version
= SSL3_VERSION
;
214 min_version
= TLS1_VERSION
;
215 max_version
= TLS1_VERSION
;
218 min_version
= TLS1_1_VERSION
;
219 max_version
= TLS1_1_VERSION
;
222 min_version
= TLS1_2_VERSION
;
223 max_version
= TLS1_2_VERSION
;
226 min_version
= TLS1_3_VERSION
;
227 max_version
= TLS1_3_VERSION
;
230 if (!opt_provider(o
))
236 /* No extra arguments. */
237 argc
= opt_num_rest();
242 cipher
= getenv("SSL_CIPHER");
244 if ((ctx
= SSL_CTX_new(meth
)) == NULL
)
247 SSL_CTX_set_quiet_shutdown(ctx
, 1);
248 if (SSL_CTX_set_min_proto_version(ctx
, min_version
) == 0)
250 if (SSL_CTX_set_max_proto_version(ctx
, max_version
) == 0)
254 SSL_CTX_set_options(ctx
, SSL_OP_ALL
);
255 if (cipher
!= NULL
&& !SSL_CTX_set_cipher_list(ctx
, cipher
))
257 if (ciphersuites
!= NULL
&& !SSL_CTX_set_ciphersuites(ctx
, ciphersuites
))
259 if (!set_cert_stuff(ctx
, certfile
, keyfile
))
262 if (!ctx_set_verify_locations(ctx
, CAfile
, noCAfile
, CApath
, noCApath
,
263 CAstore
, noCAstore
)) {
264 ERR_print_errors(bio_err
);
269 printf("Collecting connection statistics for %d seconds\n", maxtime
);
271 /* Loop and time how long it takes to make connections */
274 finishtime
= (long)time(NULL
) + maxtime
;
277 if (finishtime
< (long)time(NULL
))
280 if ((scon
= doConnection(NULL
, host
, ctx
)) == NULL
)
283 if (www_path
!= NULL
) {
284 buf_len
= BIO_snprintf(buf
, sizeof(buf
), fmt_http_get_cmd
,
286 if (buf_len
<= 0 || SSL_write(scon
, buf
, buf_len
) <= 0)
288 while ((i
= SSL_read(scon
, buf
, sizeof(buf
))) > 0)
291 SSL_set_shutdown(scon
, SSL_SENT_SHUTDOWN
| SSL_RECEIVED_SHUTDOWN
);
292 BIO_closesocket(SSL_get_fd(scon
));
295 if (SSL_session_reused(scon
)) {
298 ver
= SSL_version(scon
);
299 if (ver
== TLS1_VERSION
)
301 else if (ver
== SSL3_VERSION
)
312 totalTime
+= tm_Time_F(STOP
); /* Add the time for this iteration */
314 i
= (int)((long)time(NULL
) - finishtime
+ maxtime
);
316 ("\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n",
317 nConn
, totalTime
, ((double)nConn
/ totalTime
), bytes_read
);
319 ("%d connections in %ld real seconds, %ld bytes read per connection\n",
320 nConn
, (long)time(NULL
) - finishtime
+ maxtime
,
321 nConn
> 0 ? bytes_read
/ nConn
: 0l);
324 * Now loop and time connections using the same session id over and over
330 printf("\n\nNow timing with session id reuse.\n");
332 /* Get an SSL object so we can reuse the session id */
333 if ((scon
= doConnection(NULL
, host
, ctx
)) == NULL
) {
334 BIO_printf(bio_err
, "Unable to get connection\n");
338 if (www_path
!= NULL
) {
339 buf_len
= BIO_snprintf(buf
, sizeof(buf
), fmt_http_get_cmd
, www_path
);
340 if (buf_len
<= 0 || SSL_write(scon
, buf
, buf_len
) <= 0)
342 while ((i
= SSL_read(scon
, buf
, sizeof(buf
))) > 0)
345 SSL_set_shutdown(scon
, SSL_SENT_SHUTDOWN
| SSL_RECEIVED_SHUTDOWN
);
346 if ((fd
= SSL_get_fd(scon
)) >= 0)
352 finishtime
= (long)time(NULL
) + maxtime
;
354 printf("starting\n");
359 if (finishtime
< (long)time(NULL
))
362 if ((doConnection(scon
, host
, ctx
)) == NULL
)
365 if (www_path
!= NULL
) {
366 buf_len
= BIO_snprintf(buf
, sizeof(buf
), fmt_http_get_cmd
,
368 if (buf_len
<= 0 || SSL_write(scon
, buf
, buf_len
) <= 0)
370 while ((i
= SSL_read(scon
, buf
, sizeof(buf
))) > 0)
373 SSL_set_shutdown(scon
, SSL_SENT_SHUTDOWN
| SSL_RECEIVED_SHUTDOWN
);
374 if ((fd
= SSL_get_fd(scon
)) >= 0)
378 if (SSL_session_reused(scon
)) {
381 ver
= SSL_version(scon
);
382 if (ver
== TLS1_VERSION
)
384 else if (ver
== SSL3_VERSION
)
392 totalTime
+= tm_Time_F(STOP
); /* Add the time for this iteration */
395 ("\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n",
396 nConn
, totalTime
, ((double)nConn
/ totalTime
), bytes_read
);
398 ("%d connections in %ld real seconds, %ld bytes read per connection\n",
399 nConn
, (long)time(NULL
) - finishtime
+ maxtime
, bytes_read
/ nConn
);
410 * doConnection - make a connection
412 static SSL
*doConnection(SSL
*scon
, const char *host
, SSL_CTX
*ctx
)
418 if ((conn
= BIO_new(BIO_s_connect())) == NULL
)
421 if (BIO_set_conn_hostname(conn
, host
) <= 0
422 || BIO_set_conn_mode(conn
, BIO_SOCK_NODELAY
) <= 0) {
428 serverCon
= SSL_new(ctx
);
429 if (serverCon
== NULL
) {
435 SSL_set_connect_state(serverCon
);
438 SSL_set_bio(serverCon
, conn
, conn
);
440 /* ok, lets connect */
441 i
= SSL_connect(serverCon
);
443 BIO_printf(bio_err
, "ERROR\n");
444 if (verify_args
.error
!= X509_V_OK
)
445 BIO_printf(bio_err
, "verify error:%s\n",
446 X509_verify_cert_error_string(verify_args
.error
));
448 ERR_print_errors(bio_err
);
454 #if defined(SOL_SOCKET) && defined(SO_LINGER)
456 struct linger no_linger
;
459 no_linger
.l_onoff
= 1;
460 no_linger
.l_linger
= 0;
461 fd
= SSL_get_fd(serverCon
);
463 (void)setsockopt(fd
, SOL_SOCKET
, SO_LINGER
, (char*)&no_linger
,
470 #endif /* OPENSSL_NO_SOCK */