xref: /freebsd/crypto/openssl/apps/s_time.c (revision f39bffc62c1395bde25d152c7f68fdf7cbaab414)
1 /* apps/s_time.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  *
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  *
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  *
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  *
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  *
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 
59 #define NO_SHUTDOWN
60 
61 /* ----------------------------------------
62    s_time - SSL client connection timer program
63    Written and donated by Larry Streepy <streepy@healthcare.com>
64   -----------------------------------------*/
65 
66 #include <stdio.h>
67 #include <stdlib.h>
68 #include <string.h>
69 
70 #define USE_SOCKETS
71 #include "apps.h"
72 #ifdef OPENSSL_NO_STDIO
73 # define APPS_WIN16
74 #endif
75 #include <openssl/x509.h>
76 #include <openssl/ssl.h>
77 #include <openssl/pem.h>
78 #include "s_apps.h"
79 #include <openssl/err.h>
80 #ifdef WIN32_STUFF
81 # include "winmain.h"
82 # include "wintext.h"
83 #endif
84 #if !defined(OPENSSL_SYS_MSDOS)
85 # include OPENSSL_UNISTD
86 #endif
87 
88 #undef PROG
89 #define PROG s_time_main
90 
91 #undef ioctl
92 #define ioctl ioctlsocket
93 
94 #define SSL_CONNECT_NAME        "localhost:4433"
95 
96 /* no default cert. */
97 /*
98  * #define TEST_CERT "client.pem"
99  */
100 
101 #undef BUFSIZZ
102 #define BUFSIZZ 1024*10
103 
104 #define MYBUFSIZ 1024*8
105 
106 #undef min
107 #undef max
108 #define min(a,b) (((a) < (b)) ? (a) : (b))
109 #define max(a,b) (((a) > (b)) ? (a) : (b))
110 
111 #undef SECONDS
112 #define SECONDS 30
113 extern int verify_depth;
114 extern int verify_error;
115 
116 static void s_time_usage(void);
117 static int parseArgs(int argc, char **argv);
118 static SSL *doConnection(SSL *scon);
119 static void s_time_init(void);
120 
121 /***********************************************************************
122  * Static data declarations
123  */
124 
125 /* static char *port=PORT_STR;*/
126 static char *host = SSL_CONNECT_NAME;
127 static char *t_cert_file = NULL;
128 static char *t_key_file = NULL;
129 static char *CApath = NULL;
130 static char *CAfile = NULL;
131 static char *tm_cipher = NULL;
132 static int tm_verify = SSL_VERIFY_NONE;
133 static int maxTime = SECONDS;
134 static SSL_CTX *tm_ctx = NULL;
135 static const SSL_METHOD *s_time_meth = NULL;
136 static char *s_www_path = NULL;
137 static long bytes_read = 0;
138 static int st_bugs = 0;
139 static int perform = 0;
140 #ifdef FIONBIO
141 static int t_nbio = 0;
142 #endif
143 #ifdef OPENSSL_SYS_WIN32
144 static int exitNow = 0;         /* Set when it's time to exit main */
145 #endif
146 
147 static void s_time_init(void)
148 {
149     host = SSL_CONNECT_NAME;
150     t_cert_file = NULL;
151     t_key_file = NULL;
152     CApath = NULL;
153     CAfile = NULL;
154     tm_cipher = NULL;
155     tm_verify = SSL_VERIFY_NONE;
156     maxTime = SECONDS;
157     tm_ctx = NULL;
158     s_time_meth = NULL;
159     s_www_path = NULL;
160     bytes_read = 0;
161     st_bugs = 0;
162     perform = 0;
163 
164 #ifdef FIONBIO
165     t_nbio = 0;
166 #endif
167 #ifdef OPENSSL_SYS_WIN32
168     exitNow = 0;                /* Set when it's time to exit main */
169 #endif
170 }
171 
172 /***********************************************************************
173  * usage - display usage message
174  */
175 static void s_time_usage(void)
176 {
177     static char umsg[] = "\
178 -time arg     - max number of seconds to collect data, default %d\n\
179 -verify arg   - turn on peer certificate verification, arg == depth\n\
180 -cert arg     - certificate file to use, PEM format assumed\n\
181 -key arg      - RSA file to use, PEM format assumed, key is in cert file\n\
182                 file if not specified by this option\n\
183 -CApath arg   - PEM format directory of CA's\n\
184 -CAfile arg   - PEM format file of CA's\n\
185 -cipher       - preferred cipher to use, play with 'openssl ciphers'\n\n";
186 
187     printf("usage: s_time <args>\n\n");
188 
189     printf("-connect host:port - host:port to connect to (default is %s)\n",
190            SSL_CONNECT_NAME);
191 #ifdef FIONBIO
192     printf("-nbio         - Run with non-blocking IO\n");
193     printf("-ssl2         - Just use SSLv2\n");
194     printf("-ssl3         - Just use SSLv3\n");
195     printf("-bugs         - Turn on SSL bug compatibility\n");
196     printf("-new          - Just time new connections\n");
197     printf("-reuse        - Just time connection reuse\n");
198     printf("-www page     - Retrieve 'page' from the site\n");
199 #endif
200     printf(umsg, SECONDS);
201 }
202 
203 /***********************************************************************
204  * parseArgs - Parse command line arguments and initialize data
205  *
206  * Returns 0 if ok, -1 on bad args
207  */
208 static int parseArgs(int argc, char **argv)
209 {
210     int badop = 0;
211 
212     verify_depth = 0;
213     verify_error = X509_V_OK;
214 
215     argc--;
216     argv++;
217 
218     while (argc >= 1) {
219         if (strcmp(*argv, "-connect") == 0) {
220             if (--argc < 1)
221                 goto bad;
222             host = *(++argv);
223         }
224 #if 0
225         else if (strcmp(*argv, "-host") == 0) {
226             if (--argc < 1)
227                 goto bad;
228             host = *(++argv);
229         } else if (strcmp(*argv, "-port") == 0) {
230             if (--argc < 1)
231                 goto bad;
232             port = *(++argv);
233         }
234 #endif
235         else if (strcmp(*argv, "-reuse") == 0)
236             perform = 2;
237         else if (strcmp(*argv, "-new") == 0)
238             perform = 1;
239         else if (strcmp(*argv, "-verify") == 0) {
240 
241             tm_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE;
242             if (--argc < 1)
243                 goto bad;
244             verify_depth = atoi(*(++argv));
245             BIO_printf(bio_err, "verify depth is %d\n", verify_depth);
246 
247         } else if (strcmp(*argv, "-cert") == 0) {
248 
249             if (--argc < 1)
250                 goto bad;
251             t_cert_file = *(++argv);
252 
253         } else if (strcmp(*argv, "-key") == 0) {
254 
255             if (--argc < 1)
256                 goto bad;
257             t_key_file = *(++argv);
258 
259         } else if (strcmp(*argv, "-CApath") == 0) {
260 
261             if (--argc < 1)
262                 goto bad;
263             CApath = *(++argv);
264 
265         } else if (strcmp(*argv, "-CAfile") == 0) {
266 
267             if (--argc < 1)
268                 goto bad;
269             CAfile = *(++argv);
270 
271         } else if (strcmp(*argv, "-cipher") == 0) {
272 
273             if (--argc < 1)
274                 goto bad;
275             tm_cipher = *(++argv);
276         }
277 #ifdef FIONBIO
278         else if (strcmp(*argv, "-nbio") == 0) {
279             t_nbio = 1;
280         }
281 #endif
282         else if (strcmp(*argv, "-www") == 0) {
283             if (--argc < 1)
284                 goto bad;
285             s_www_path = *(++argv);
286             if (strlen(s_www_path) > MYBUFSIZ - 100) {
287                 BIO_printf(bio_err, "-www option too long\n");
288                 badop = 1;
289             }
290         } else if (strcmp(*argv, "-bugs") == 0)
291             st_bugs = 1;
292 #ifndef OPENSSL_NO_SSL2
293         else if (strcmp(*argv, "-ssl2") == 0)
294             s_time_meth = SSLv2_client_method();
295 #endif
296 #ifndef OPENSSL_NO_SSL3
297         else if (strcmp(*argv, "-ssl3") == 0)
298             s_time_meth = SSLv3_client_method();
299 #endif
300         else if (strcmp(*argv, "-time") == 0) {
301 
302             if (--argc < 1)
303                 goto bad;
304             maxTime = atoi(*(++argv));
305             if (maxTime <= 0) {
306                 BIO_printf(bio_err, "time must be > 0\n");
307                 badop = 1;
308             }
309         } else {
310             BIO_printf(bio_err, "unknown option %s\n", *argv);
311             badop = 1;
312             break;
313         }
314 
315         argc--;
316         argv++;
317     }
318 
319     if (perform == 0)
320         perform = 3;
321 
322     if (badop) {
323  bad:
324         s_time_usage();
325         return -1;
326     }
327 
328     return 0;                   /* Valid args */
329 }
330 
331 /***********************************************************************
332  * TIME - time functions
333  */
334 #define START   0
335 #define STOP    1
336 
337 static double tm_Time_F(int s)
338 {
339     return app_tminterval(s, 1);
340 }
341 
342 /***********************************************************************
343  * MAIN - main processing area for client
344  *                      real name depends on MONOLITH
345  */
346 int MAIN(int, char **);
347 
348 int MAIN(int argc, char **argv)
349 {
350     double totalTime = 0.0;
351     int nConn = 0;
352     SSL *scon = NULL;
353     long finishtime = 0;
354     int ret = 1, i;
355     MS_STATIC char buf[1024 * 8];
356     int ver;
357 
358     apps_startup();
359     s_time_init();
360 
361     if (bio_err == NULL)
362         bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
363 
364     s_time_meth = SSLv23_client_method();
365 
366     /* parse the command line arguments */
367     if (parseArgs(argc, argv) < 0)
368         goto end;
369 
370     OpenSSL_add_ssl_algorithms();
371     if ((tm_ctx = SSL_CTX_new(s_time_meth)) == NULL)
372         return (1);
373 
374     SSL_CTX_set_quiet_shutdown(tm_ctx, 1);
375 
376     if (st_bugs)
377         SSL_CTX_set_options(tm_ctx, SSL_OP_ALL);
378     SSL_CTX_set_cipher_list(tm_ctx, tm_cipher);
379     if (!set_cert_stuff(tm_ctx, t_cert_file, t_key_file))
380         goto end;
381 
382     SSL_load_error_strings();
383 
384     if ((!SSL_CTX_load_verify_locations(tm_ctx, CAfile, CApath)) ||
385         (!SSL_CTX_set_default_verify_paths(tm_ctx))) {
386         /*
387          * BIO_printf(bio_err,"error setting default verify locations\n");
388          */
389         ERR_print_errors(bio_err);
390         /* goto end; */
391     }
392 
393     if (tm_cipher == NULL)
394         tm_cipher = getenv("SSL_CIPHER");
395 
396     if (tm_cipher == NULL) {
397         fprintf(stderr, "No CIPHER specified\n");
398     }
399 
400     if (!(perform & 1))
401         goto next;
402     printf("Collecting connection statistics for %d seconds\n", maxTime);
403 
404     /* Loop and time how long it takes to make connections */
405 
406     bytes_read = 0;
407     finishtime = (long)time(NULL) + maxTime;
408     tm_Time_F(START);
409     for (;;) {
410         if (finishtime < (long)time(NULL))
411             break;
412 #ifdef WIN32_STUFF
413 
414         if (flushWinMsgs(0) == -1)
415             goto end;
416 
417         if (waitingToDie || exitNow) /* we're dead */
418             goto end;
419 #endif
420 
421         if ((scon = doConnection(NULL)) == NULL)
422             goto end;
423 
424         if (s_www_path != NULL) {
425             BIO_snprintf(buf, sizeof(buf), "GET %s HTTP/1.0\r\n\r\n",
426                          s_www_path);
427             SSL_write(scon, buf, strlen(buf));
428             while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
429                 bytes_read += i;
430         }
431 #ifdef NO_SHUTDOWN
432         SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
433 #else
434         SSL_shutdown(scon);
435 #endif
436         SHUTDOWN2(SSL_get_fd(scon));
437 
438         nConn += 1;
439         if (SSL_session_reused(scon))
440             ver = 'r';
441         else {
442             ver = SSL_version(scon);
443             if (ver == TLS1_VERSION)
444                 ver = 't';
445             else if (ver == SSL3_VERSION)
446                 ver = '3';
447             else if (ver == SSL2_VERSION)
448                 ver = '2';
449             else
450                 ver = '*';
451         }
452         fputc(ver, stdout);
453         fflush(stdout);
454 
455         SSL_free(scon);
456         scon = NULL;
457     }
458     totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
459 
460     i = (int)((long)time(NULL) - finishtime + maxTime);
461     printf
462         ("\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n",
463          nConn, totalTime, ((double)nConn / totalTime), bytes_read);
464     printf
465         ("%d connections in %ld real seconds, %ld bytes read per connection\n",
466          nConn, (long)time(NULL) - finishtime + maxTime, bytes_read / nConn);
467 
468     /*
469      * Now loop and time connections using the same session id over and over
470      */
471 
472  next:
473     if (!(perform & 2))
474         goto end;
475     printf("\n\nNow timing with session id reuse.\n");
476 
477     /* Get an SSL object so we can reuse the session id */
478     if ((scon = doConnection(NULL)) == NULL) {
479         fprintf(stderr, "Unable to get connection\n");
480         goto end;
481     }
482 
483     if (s_www_path != NULL) {
484         BIO_snprintf(buf, sizeof(buf), "GET %s HTTP/1.0\r\n\r\n", s_www_path);
485         SSL_write(scon, buf, strlen(buf));
486         while (SSL_read(scon, buf, sizeof(buf)) > 0) ;
487     }
488 #ifdef NO_SHUTDOWN
489     SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
490 #else
491     SSL_shutdown(scon);
492 #endif
493     SHUTDOWN2(SSL_get_fd(scon));
494 
495     nConn = 0;
496     totalTime = 0.0;
497 
498     finishtime = (long)time(NULL) + maxTime;
499 
500     printf("starting\n");
501     bytes_read = 0;
502     tm_Time_F(START);
503 
504     for (;;) {
505         if (finishtime < (long)time(NULL))
506             break;
507 
508 #ifdef WIN32_STUFF
509         if (flushWinMsgs(0) == -1)
510             goto end;
511 
512         if (waitingToDie || exitNow) /* we're dead */
513             goto end;
514 #endif
515 
516         if ((doConnection(scon)) == NULL)
517             goto end;
518 
519         if (s_www_path) {
520             BIO_snprintf(buf, sizeof(buf), "GET %s HTTP/1.0\r\n\r\n",
521                          s_www_path);
522             SSL_write(scon, buf, strlen(buf));
523             while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
524                 bytes_read += i;
525         }
526 #ifdef NO_SHUTDOWN
527         SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
528 #else
529         SSL_shutdown(scon);
530 #endif
531         SHUTDOWN2(SSL_get_fd(scon));
532 
533         nConn += 1;
534         if (SSL_session_reused(scon))
535             ver = 'r';
536         else {
537             ver = SSL_version(scon);
538             if (ver == TLS1_VERSION)
539                 ver = 't';
540             else if (ver == SSL3_VERSION)
541                 ver = '3';
542             else if (ver == SSL2_VERSION)
543                 ver = '2';
544             else
545                 ver = '*';
546         }
547         fputc(ver, stdout);
548         fflush(stdout);
549     }
550     totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
551 
552     printf
553         ("\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n",
554          nConn, totalTime, ((double)nConn / totalTime), bytes_read);
555     printf
556         ("%d connections in %ld real seconds, %ld bytes read per connection\n",
557          nConn, (long)time(NULL) - finishtime + maxTime,
558          bytes_read / (nConn?nConn:1));
559 
560     ret = 0;
561  end:
562     if (scon != NULL)
563         SSL_free(scon);
564 
565     if (tm_ctx != NULL) {
566         SSL_CTX_free(tm_ctx);
567         tm_ctx = NULL;
568     }
569     apps_shutdown();
570     OPENSSL_EXIT(ret);
571 }
572 
573 /*-
574  * doConnection - make a connection
575  * Args:
576  *              scon    = earlier ssl connection for session id, or NULL
577  * Returns:
578  *              SSL *   = the connection pointer.
579  */
580 static SSL *doConnection(SSL *scon)
581 {
582     BIO *conn;
583     SSL *serverCon;
584     int width, i;
585     fd_set readfds;
586 
587     if ((conn = BIO_new(BIO_s_connect())) == NULL)
588         return (NULL);
589 
590 /*      BIO_set_conn_port(conn,port);*/
591     BIO_set_conn_hostname(conn, host);
592 
593     if (scon == NULL)
594         serverCon = SSL_new(tm_ctx);
595     else {
596         serverCon = scon;
597         SSL_set_connect_state(serverCon);
598     }
599 
600     SSL_set_bio(serverCon, conn, conn);
601 
602 #if 0
603     if (scon != NULL)
604         SSL_set_session(serverCon, SSL_get_session(scon));
605 #endif
606 
607     /* ok, lets connect */
608     for (;;) {
609         i = SSL_connect(serverCon);
610         if (BIO_sock_should_retry(i)) {
611             BIO_printf(bio_err, "DELAY\n");
612 
613             i = SSL_get_fd(serverCon);
614             width = i + 1;
615             FD_ZERO(&readfds);
616             openssl_fdset(i, &readfds);
617             /*
618              * Note: under VMS with SOCKETSHR the 2nd parameter is currently
619              * of type (int *) whereas under other systems it is (void *) if
620              * you don't have a cast it will choke the compiler: if you do
621              * have a cast then you can either go for (int *) or (void *).
622              */
623             select(width, (void *)&readfds, NULL, NULL, NULL);
624             continue;
625         }
626         break;
627     }
628     if (i <= 0) {
629         BIO_printf(bio_err, "ERROR\n");
630         if (verify_error != X509_V_OK)
631             BIO_printf(bio_err, "verify error:%s\n",
632                        X509_verify_cert_error_string(verify_error));
633         else
634             ERR_print_errors(bio_err);
635         if (scon == NULL)
636             SSL_free(serverCon);
637         return NULL;
638     }
639 
640     return serverCon;
641 }
642