generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add an ability to set the SSL read buffer size

Browse Source 
This capability is required for read pipelining. We will only read in as
many records as will fit in the read buffer (and the network can provide
in one go). The bigger the buffer the more records we can process in
parallel.

Reviewed-by: Tim Hudson <tjh@openssl.org>
This commit is contained in:
Matt Caswell
2016-01-13 14:20:25 +00:00
parent 0220fee47f
commit dad78fb13d
10 changed files with 53 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
apps/s_client.c
View File

@@ -656,7 +656,7 @@ typedef enum OPTION_choice {
OPT_CHAINCAFILE, OPT_VERIFYCAFILE, OPT_NEXTPROTONEG, OPT_ALPN,
OPT_SERVERINFO, OPT_STARTTLS, OPT_SERVERNAME,
OPT_USE_SRTP, OPT_KEYMATEXPORT, OPT_KEYMATEXPORTLEN, OPT_SMTPHOST,
OPT_ASYNC, OPT_SPLIT_SEND_FRAG, OPT_MAX_PIPELINES,
OPT_ASYNC, OPT_SPLIT_SEND_FRAG, OPT_MAX_PIPELINES, OPT_READ_BUF,
OPT_V_ENUM,
OPT_X_ENUM,
OPT_S_ENUM,
@@ -766,6 +766,8 @@ OPTIONS s_client_options[] = {
"Size used to split data for encrypt/decrypt pipelines"},
{"max_pipelines", OPT_MAX_PIPELINES, 'n',
"Maximum number of encrypt/decrypt pipelines to be used"},
{"read_buf", OPT_READ_BUF, 'n',
"Default read buffer size to be used for connections"},
OPT_S_OPTIONS,
OPT_V_OPTIONS,
OPT_X_OPTIONS,
@@ -896,6 +898,7 @@ int s_client_main(int argc, char **argv)
int socket_family = AF_UNSPEC, socket_type = SOCK_STREAM;
int starttls_proto = PROTO_OFF, crl_format = FORMAT_PEM, crl_download = 0;
int write_tty, read_tty, write_ssl, read_ssl, tty_on, ssl_pending;
int read_buf_len = 0;
int fallback_scsv = 0;
long socket_mtu = 0, randamt = 0;
OPTION_CHOICE o;
@@ -1393,6 +1396,9 @@ int s_client_main(int argc, char **argv)
case OPT_MAX_PIPELINES:
max_pipelines = atoi(opt_arg());
break;
case OPT_READ_BUF:
read_buf_len = atoi(opt_arg());
break;
}
}
argc = opt_num_rest();
@@ -1573,6 +1579,10 @@ int s_client_main(int argc, char **argv)
SSL_CTX_set_max_pipelines(ctx, max_pipelines);
}
if (read_buf_len > 0) {
SSL_CTX_set_default_read_buffer_len(ctx, read_buf_len);
}
if (!config_ctx(cctx, ssl_args, ctx))
goto end;

15
apps/s_server.c
View File

@@ -809,8 +809,8 @@ typedef enum OPTION_choice {
OPT_QUIET, OPT_BRIEF, OPT_NO_DHE,
OPT_NO_RESUME_EPHEMERAL, OPT_PSK_HINT, OPT_PSK, OPT_SRPVFILE,
OPT_SRPUSERSEED, OPT_REV, OPT_WWW, OPT_UPPER_WWW, OPT_HTTP, OPT_ASYNC,
OPT_SSL_CONFIG, OPT_SPLIT_SEND_FRAG, OPT_MAX_PIPELINES, OPT_SSL3,
OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1,
OPT_SSL_CONFIG, OPT_SPLIT_SEND_FRAG, OPT_MAX_PIPELINES, OPT_READ_BUF,
OPT_SSL3, OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1,
OPT_DTLS1_2, OPT_TIMEOUT, OPT_MTU, OPT_CHAIN, OPT_LISTEN,
OPT_ID_PREFIX, OPT_RAND, OPT_SERVERNAME, OPT_SERVERNAME_FATAL,
OPT_CERT2, OPT_KEY2, OPT_NEXTPROTONEG, OPT_ALPN,
@@ -946,6 +946,8 @@ OPTIONS s_server_options[] = {
"Size used to split data for encrypt/decrypt pipelines"},
{"max_pipelines", OPT_MAX_PIPELINES, 'n',
"Maximum number of encrypt/decrypt pipelines to be used"},
{"read_buf", OPT_READ_BUF, 'n',
"Default read buffer size to be used for connections"},
OPT_S_OPTIONS,
OPT_V_OPTIONS,
OPT_X_OPTIONS,
@@ -1049,6 +1051,7 @@ int s_server_main(int argc, char *argv[])
X509 *s_cert2 = NULL;
tlsextctx tlsextcbp = { NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING };
const char *ssl_config = NULL;
int read_buf_len = 0;
#ifndef OPENSSL_NO_NEXTPROTONEG
const char *next_proto_neg_in = NULL;
tlsextnextprotoctx next_proto = { NULL, 0 };
@@ -1521,6 +1524,10 @@ int s_server_main(int argc, char *argv[])
case OPT_MAX_PIPELINES:
max_pipelines = atoi(opt_arg());
break;
case OPT_READ_BUF:
read_buf_len = atoi(opt_arg());
break;
}
}
argc = opt_num_rest();
@@ -1753,6 +1760,10 @@ int s_server_main(int argc, char *argv[])
SSL_CTX_set_max_pipelines(ctx, max_pipelines);
}
if (read_buf_len > 0) {
SSL_CTX_set_default_read_buffer_len(ctx, read_buf_len);
}
#ifndef OPENSSL_NO_SRTP
if (srtp_profiles != NULL) {
/* Returns 0 on success! */