Skip to content

Commit

Permalink
deps: add -no_rand_screen to openssl s_client
Browse files Browse the repository at this point in the history
In openssl s_client on Windows, RAND_screen() is invoked to initialize
random state but it takes several seconds in each connection.
This added -no_rand_screen to openssl s_client on Windows to skip
RAND_screen() and gets a better performance in the unit test of
test-tls-server-verify.
Do not enable this except to use in the unit test.

(cherry picked from commit 9f0f7c38e6df975dd39735d0e9ef968076369c74)

Reviewed-By: James M Snell <[email protected]>
PR-URL: nodejs/node-v0.x-archive#25368
  • Loading branch information
Shigeki Ohtsu authored and shigeki committed Sep 22, 2016
1 parent ab7ebaf commit faefc1f
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 5 deletions.
14 changes: 10 additions & 4 deletions deps/openssl/openssl/apps/app_rand.c
Original file line number Diff line number Diff line change
Expand Up @@ -124,10 +124,16 @@ int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
char buffer[200];

#ifdef OPENSSL_SYS_WINDOWS
BIO_printf(bio_e, "Loading 'screen' into random state -");
BIO_flush(bio_e);
RAND_screen();
BIO_printf(bio_e, " done\n");
/*
* allocate 2 to dont_warn not to use RAND_screen() via
* -no_rand_screen option in s_client
*/
if (dont_warn != 2) {
BIO_printf(bio_e, "Loading 'screen' into random state -");
BIO_flush(bio_e);
RAND_screen();
BIO_printf(bio_e, " done\n");
}
#endif

if (file == NULL)
Expand Down
11 changes: 10 additions & 1 deletion deps/openssl/openssl/apps/s_client.c
Original file line number Diff line number Diff line change
Expand Up @@ -233,6 +233,7 @@ static int ocsp_resp_cb(SSL *s, void *arg);
static BIO *bio_c_out = NULL;
static int c_quiet = 0;
static int c_ign_eof = 0;
static int c_no_rand_screen = 0;

#ifndef OPENSSL_NO_PSK
/* Default PSK identity and key */
Expand Down Expand Up @@ -435,6 +436,10 @@ static void sc_usage(void)
" -keymatexport label - Export keying material using label\n");
BIO_printf(bio_err,
" -keymatexportlen len - Export len bytes of keying material (default 20)\n");
#ifdef OPENSSL_SYS_WINDOWS
BIO_printf(bio_err,
" -no_rand_screen - Do not use RAND_screen() to initialize random state\n");
#endif
}

#ifndef OPENSSL_NO_TLSEXT
Expand Down Expand Up @@ -1011,6 +1016,10 @@ int MAIN(int argc, char **argv)
keymatexportlen = atoi(*(++argv));
if (keymatexportlen == 0)
goto bad;
#ifdef OPENSSL_SYS_WINDOWS
} else if (strcmp(*argv, "-no_rand_screen") == 0) {
c_no_rand_screen = 1;
#endif
} else {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badop = 1;
Expand Down Expand Up @@ -1094,7 +1103,7 @@ int MAIN(int argc, char **argv)
}
}

if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
if (!app_RAND_load_file(NULL, bio_err, ++c_no_rand_screen) && inrand == NULL
&& !RAND_status()) {
BIO_printf(bio_err,
"warning, not much extra random data, consider using the -rand option\n");
Expand Down

0 comments on commit faefc1f

Please sign in to comment.