diff options
| author | Shigeki Ohtsu <ohtsu@iij.ad.jp> | 2015-05-27 10:33:38 +0900 |
|---|---|---|
| committer | Myles Borins <mylesborins@google.com> | 2017-11-03 12:23:08 -0500 |
| commit | cd4194a07fc67a9b0a921d28711d25331684a465 (patch) | |
| tree | a756bc9af8334a34d6919ddd2d512a19fd4b498e /deps/openssl/openssl | |
| parent | 4184239953a91339870c1a2662e215e546097226 (diff) | |
| download | android-node-v8-cd4194a07fc67a9b0a921d28711d25331684a465.tar.gz android-node-v8-cd4194a07fc67a9b0a921d28711d25331684a465.tar.bz2 android-node-v8-cd4194a07fc67a9b0a921d28711d25331684a465.zip | |
deps: add -no_rand_screen to openssl s_client
In openssl s_client on Windows, RAND_screen() is invoked to initialize
random state but it takes several seconds in each connection.
This added -no_rand_screen to openssl s_client on Windows to skip
RAND_screen() and gets a better performance in the unit test of
test-tls-server-verify.
Do not enable this except to use in the unit test.
Fixes: https://github.com/nodejs/io.js/issues/1461
PR-URL: https://github.com/nodejs/io.js/pull/1836
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Diffstat (limited to 'deps/openssl/openssl')
| -rw-r--r-- | deps/openssl/openssl/apps/app_rand.c | 11 | ||||
| -rw-r--r-- | deps/openssl/openssl/apps/s_client.c | 11 |
2 files changed, 20 insertions, 2 deletions
diff --git a/deps/openssl/openssl/apps/app_rand.c b/deps/openssl/openssl/apps/app_rand.c index 7f40bba764..b6fe294a68 100644 --- a/deps/openssl/openssl/apps/app_rand.c +++ b/deps/openssl/openssl/apps/app_rand.c @@ -124,7 +124,16 @@ int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn) char buffer[200]; #ifdef OPENSSL_SYS_WINDOWS - RAND_screen(); + /* + * allocate 2 to dont_warn not to use RAND_screen() via + * -no_rand_screen option in s_client + */ + if (dont_warn != 2) { + BIO_printf(bio_e, "Loading 'screen' into random state -"); + BIO_flush(bio_e); + RAND_screen(); + BIO_printf(bio_e, " done\n"); + } #endif if (file == NULL) diff --git a/deps/openssl/openssl/apps/s_client.c b/deps/openssl/openssl/apps/s_client.c index bd772c28e5..19914a19da 100644 --- a/deps/openssl/openssl/apps/s_client.c +++ b/deps/openssl/openssl/apps/s_client.c @@ -236,6 +236,7 @@ static BIO *bio_c_msg = NULL; static int c_quiet = 0; static int c_ign_eof = 0; static int c_brief = 0; +static int c_no_rand_screen = 0; #ifndef OPENSSL_NO_PSK /* Default PSK identity and key */ @@ -451,6 +452,10 @@ static void sc_usage(void) " -keymatexport label - Export keying material using label\n"); BIO_printf(bio_err, " -keymatexportlen len - Export len bytes of keying material (default 20)\n"); +#ifdef OPENSSL_SYS_WINDOWS + BIO_printf(bio_err, + " -no_rand_screen - Do not use RAND_screen() to initialize random state\n"); +#endif } #ifndef OPENSSL_NO_TLSEXT @@ -1143,6 +1148,10 @@ int MAIN(int argc, char **argv) keymatexportlen = atoi(*(++argv)); if (keymatexportlen == 0) goto bad; +#ifdef OPENSSL_SYS_WINDOWS + } else if (strcmp(*argv, "-no_rand_screen") == 0) { + c_no_rand_screen = 1; +#endif } else { BIO_printf(bio_err, "unknown option %s\n", *argv); badop = 1; @@ -1259,7 +1268,7 @@ int MAIN(int argc, char **argv) if (!load_excert(&exc, bio_err)) goto end; - if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL + if (!app_RAND_load_file(NULL, bio_err, ++c_no_rand_screen) && inrand == NULL && !RAND_status()) { BIO_printf(bio_err, "warning, not much extra random data, consider using the -rand option\n"); |