handshake: allow sharing SSL_CTX within thread

Allow use of -s option for ossl_lib_ctx pool test.

Tested againts the master openssl branch.

sharing SSL_CTX on:

$ ./handshake -P /Users/npajkovsky/openssl/openssl/test/certs 500
Average time per handshake: 18248.810300us
Handshakes per second: 12385.634151

sharing SSL_CTX off:

$ ./handshake -s -P /Users/npajkovsky/openssl/openssl/test/certs 500
Average time per handshake: 51546.385400us
Handshakes per second: 6285.852934

Signed-off-by: Nikola Pajkovsky <[email protected]>

Reviewed-by: Neil Horman <[email protected]>
Reviewed-by: Tomas Mraz <[email protected]>
Reviewed-by: Viktor Dukhovni <[email protected]>
Reviewed-by: Matt Caswell <[email protected]>
(Merged from #25)

Author: nikolapajkovsky

README

@@ -58,6 +58,7 @@ handshake [-t] [-s] <certsdir> <threadcount>
 -p - use ossl_lib_ctx per thread
 -P - use ossl_lib_ctx pool (can be combined with -s. If sharing is enabled, ssl_ctx
      is shared within single thread)
+-o - set ossl_lib_ctx pool size (use only with -P)
 certsdir - Directory where the test can locate servercert.pem and serverkey.pem
 threadcount - Number of concurrent threads to run in test
 

source/Makefile

@@ -8,7 +8,7 @@ clean:
 CPPFLAGS += -I$(TARGET_OSSL_INCLUDE_PATH) -I.
 # For second include path, i.e. out of tree build of OpenSSL uncomment this:
 # CPPFLAGS += -I$(TARGET_OSSL_INCLUDE_PATH2)
-CFLAGS += -pthread -O2
+CFLAGS += -pthread -O3
 LDFLAGS += -L$(TARGET_OSSL_LIBRARY_PATH) -L.
 # For setting RUNPATH on built executables uncomment this:
 # LDFLAGS += -Wl,-rpath,$(TARGET_OSSL_LIBRARY_PATH)

source/handshake.c

@@ -10,6 +10,7 @@
 #include <stdlib.h>
 #include <stdio.h>
 #include <string.h>
+#include <errno.h>
 #ifndef _WIN32
 # include <libgen.h>
 # include <unistd.h>
@@ -22,21 +23,21 @@
 #include "perflib/perflib.h"
 
 #define NUM_CALLS_PER_TEST        10000
-#define OSSL_LIB_CTX_POOL_SIZE    16
 
 int err = 0;
 
 static SSL_CTX *sctx = NULL, *cctx = NULL;
 static int share_ctx = 1;
 static char *cert = NULL;
 static char *privkey = NULL;
-static OSSL_LIB_CTX *libctx_pool[OSSL_LIB_CTX_POOL_SIZE] = { NULL };
+static OSSL_LIB_CTX **libctx_pool = NULL;
 
 
 OSSL_TIME *times;
 
 static int threadcount;
 size_t num_calls;
+static long ossl_lib_ctx_pool_size = 16;
 
 typedef enum {
     TC_SSL_CTX,
@@ -154,9 +155,8 @@ static void do_handshake_ossl_lib_ctx_pool(size_t num)
 
     start = ossl_time_now();
 
-    libctx = libctx_pool[num % OSSL_LIB_CTX_POOL_SIZE];
-
-    for (i = 0; i < num_calls / threadcount; i++) {
+    libctx = libctx_pool[num % ossl_lib_ctx_pool_size];
+    if (share_ctx == 1) {
         if (!perflib_create_ossl_lib_ctx_pair(libctx,
                                               TLS_server_method(),
                                               TLS_client_method(),
@@ -166,17 +166,37 @@ static void do_handshake_ossl_lib_ctx_pool(size_t num)
             err = 1;
             return;
         }
+    }
 
+    for (i = 0; i < num_calls / threadcount; ++i) {
+        if (share_ctx == 0) {
+            if (!perflib_create_ossl_lib_ctx_pair(libctx,
+                                                  TLS_server_method(),
+                                                  TLS_client_method(),
+                                                  0, 0, &lsctx, &lcctx, cert,
+                                                  privkey)) {
+                fprintf(stderr, "%s:%d: Failed to create SSL_CTX pair\n", __FILE__, __LINE__);
+                err = 1;
+                return;
+            }
+        }
 
         ret = perflib_create_ssl_objects(lsctx, lcctx, &serverssl, &clientssl,
                                          NULL, NULL);
         ret &= perflib_create_ssl_connection(serverssl, clientssl,
                                              SSL_ERROR_NONE);
         perflib_shutdown_ssl_connection(serverssl, clientssl);
         serverssl = clientssl = NULL;
+        if (share_ctx == 0) {
+            SSL_CTX_free(lsctx);
+            SSL_CTX_free(lcctx);
+            lsctx = lcctx = NULL;
+        }
+    }
+
+    if (share_ctx == 1) {
         SSL_CTX_free(lsctx);
         SSL_CTX_free(lcctx);
-        lsctx = lcctx = NULL;
     }
 
     end = ossl_time_now();
@@ -186,8 +206,13 @@ static void do_handshake_ossl_lib_ctx_pool(size_t num)
         err = 1;
 }
 
-static int init_ossl_lib_ctx_pool() {
-    for (int i = 0; i < OSSL_LIB_CTX_POOL_SIZE; ++i) {
+static int init_ossl_lib_ctx_pool()
+{
+    libctx_pool = OPENSSL_malloc(ossl_lib_ctx_pool_size * sizeof(*libctx_pool));
+    if (libctx_pool == NULL)
+        return 1;
+
+    for (int i = 0; i < ossl_lib_ctx_pool_size; ++i) {
         libctx_pool[i] = OSSL_LIB_CTX_new();
         if (libctx_pool[i] == NULL) {
             fprintf(stderr, "%s:%d: Failed to create ossl lib context\n", __FILE__, __LINE__);
@@ -198,10 +223,13 @@ static int init_ossl_lib_ctx_pool() {
     return 1;
 }
 
-static void free_ossl_lib_ctx_pool() {
-    for (int i = 0; i < OSSL_LIB_CTX_POOL_SIZE; ++i) {
+static void free_ossl_lib_ctx_pool()
+{
+    for (int i = 0; i < ossl_lib_ctx_pool_size; ++i) {
         OSSL_LIB_CTX_free(libctx_pool[i]);
     }
+
+    OPENSSL_free(libctx_pool);
 }
 
 static int test_ossl_lib_ctx_pool(size_t threadcount, OSSL_TIME *duration)
@@ -213,22 +241,23 @@ static int test_ossl_lib_ctx_pool(size_t threadcount, OSSL_TIME *duration)
         goto err;
 
     ret = perflib_run_multi_thread_test(do_handshake_ossl_lib_ctx_pool, threadcount, duration);
-    if (!ret) {
+    if (!ret)
         printf("Failed to run the test\n");
-    }
 
  err:
     free_ossl_lib_ctx_pool();
 
     return ret;
 }
 
-void usage(const char *progname) {
-    printf("Usage: %s [-t] [-s] certsdir threadcount\n", progname);
+void usage(const char *progname)
+{
+    printf("Usage: %s [-t] [-s] [-p] [-P] [-o] certsdir threadcount\n", progname);
     printf("-t - terse output\n");
     printf("-s - disable context sharing\n");
     printf("-p - use ossl_lib_ctx per thread\n");
     printf("-P - use ossl_lib_ctx pool\n");
+    printf("-o - set ossl_lib_ctx pool size\n");
 }
 
 int main(int argc, char * const argv[])
@@ -241,9 +270,10 @@ int main(int argc, char * const argv[])
     int terse = 0;
     int opt;
     int p_flag = 0, P_flag = 0;
+    char *endptr = NULL;
     test_case_t test_case = TC_SSL_CTX;
 
-    while ((opt = getopt(argc, argv, "tspP")) != -1) {
+    while ((opt = getopt(argc, argv, "tspPo:")) != -1) {
         switch (opt) {
         case 't':
             terse = 1;
@@ -259,6 +289,25 @@ int main(int argc, char * const argv[])
             P_flag = 1;
             test_case = TC_OSSL_LIB_CTX_POOL;
             break;
+        case 'o':
+            errno = 0;
+            ossl_lib_ctx_pool_size = strtol(optarg, &endptr, 0);
+            if (errno == ERANGE && ossl_lib_ctx_pool_size == ULONG_MAX) {
+                perror("Overflow occurred");
+                usage(basename(argv[0]));
+                return EXIT_FAILURE;
+            }
+            if (endptr == optarg || *endptr) {
+                fprintf(stderr, "Invalid input: '%s'\n", optarg);
+                usage(basename(argv[0]));
+                return EXIT_FAILURE;
+            }
+            if (ossl_lib_ctx_pool_size < 1) {
+                fprintf(stderr, "Pool size must be a > 0\n");
+                usage(basename(argv[0]));
+                return EXIT_FAILURE;
+            }
+            break;
         default:
             usage(basename(argv[0]));
             return EXIT_FAILURE;