diff options
author | Shigeki Ohtsu <ohtsu@iij.ad.jp> | 2015-05-27 10:33:38 +0900 |
---|---|---|
committer | Myles Borins <mylesborins@google.com> | 2018-03-27 20:17:19 -0400 |
commit | 1a85328264646fae04068e0595c3a6bf02e2c8fc (patch) | |
tree | b31b7b0008b97bf73d70e41ab5c1d55e57bb8a95 /deps | |
parent | 5aa53cbf404f2886a95f44c1204baf2885b1ef11 (diff) | |
download | android-node-v8-1a85328264646fae04068e0595c3a6bf02e2c8fc.tar.gz android-node-v8-1a85328264646fae04068e0595c3a6bf02e2c8fc.tar.bz2 android-node-v8-1a85328264646fae04068e0595c3a6bf02e2c8fc.zip |
deps: add -no_rand_screen to openssl s_client
In openssl s_client on Windows, RAND_screen() is invoked to initialize
random state but it takes several seconds in each connection.
This added -no_rand_screen to openssl s_client on Windows to skip
RAND_screen() and gets a better performance in the unit test of
test-tls-server-verify.
Do not enable this except to use in the unit test.
Backport-PR-URL: https://github.com/nodejs/node/pull/19638
Fixes: https://github.com/nodejs/io.js/issues/1461
PR-URL: https://github.com/nodejs/io.js/pull/1836
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Diffstat (limited to 'deps')
-rw-r--r-- | deps/openssl/openssl/apps/app_rand.c | 11 | ||||
-rw-r--r-- | deps/openssl/openssl/apps/s_client.c | 11 |
2 files changed, 20 insertions, 2 deletions
diff --git a/deps/openssl/openssl/apps/app_rand.c b/deps/openssl/openssl/apps/app_rand.c index 0bbf342e7e..00e0538dd3 100644 --- a/deps/openssl/openssl/apps/app_rand.c +++ b/deps/openssl/openssl/apps/app_rand.c @@ -124,7 +124,16 @@ int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn) char buffer[200]; #ifdef OPENSSL_SYS_WINDOWS - RAND_screen(); + /* + * allocate 2 to dont_warn not to use RAND_screen() via + * -no_rand_screen option in s_client + */ + if (dont_warn != 2) { + BIO_printf(bio_e, "Loading 'screen' into random state -"); + BIO_flush(bio_e); + RAND_screen(); + BIO_printf(bio_e, " done\n"); + } #endif if (file == NULL) diff --git a/deps/openssl/openssl/apps/s_client.c b/deps/openssl/openssl/apps/s_client.c index fbf5899e4b..1ef59dc346 100644 --- a/deps/openssl/openssl/apps/s_client.c +++ b/deps/openssl/openssl/apps/s_client.c @@ -236,6 +236,7 @@ static BIO *bio_c_msg = NULL; static int c_quiet = 0; static int c_ign_eof = 0; static int c_brief = 0; +static int c_no_rand_screen = 0; #ifndef OPENSSL_NO_PSK /* Default PSK identity and key */ @@ -451,6 +452,10 @@ static void sc_usage(void) " -keymatexport label - Export keying material using label\n"); BIO_printf(bio_err, " -keymatexportlen len - Export len bytes of keying material (default 20)\n"); +#ifdef OPENSSL_SYS_WINDOWS + BIO_printf(bio_err, + " -no_rand_screen - Do not use RAND_screen() to initialize random state\n"); +#endif } #ifndef OPENSSL_NO_TLSEXT @@ -1144,6 +1149,10 @@ int MAIN(int argc, char **argv) keymatexportlen = atoi(*(++argv)); if (keymatexportlen == 0) goto bad; +#ifdef OPENSSL_SYS_WINDOWS + } else if (strcmp(*argv, "-no_rand_screen") == 0) { + c_no_rand_screen = 1; +#endif } else { BIO_printf(bio_err, "unknown option %s\n", *argv); badop = 1; @@ -1260,7 +1269,7 @@ int MAIN(int argc, char **argv) if (!load_excert(&exc, bio_err)) goto end; - if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL + if (!app_RAND_load_file(NULL, bio_err, ++c_no_rand_screen) && inrand == NULL && !RAND_status()) { BIO_printf(bio_err, "warning, not much extra random data, consider using the -rand option\n"); |