* [PATCH] openssl: enable SSLContext read_ahead accessor
@ 2016-06-10 10:18 Eric Wong
2016-06-11 0:35 ` Eric Wong
0 siblings, 1 reply; 3+ messages in thread
From: Eric Wong @ 2016-06-10 10:18 UTC (permalink / raw)
To: spew
---
ext/openssl/extconf.rb | 3 +++
ext/openssl/ossl_ssl.c | 41 +++++++++++++++++++++++++++++++++++++++++
test/openssl/test_ssl.rb | 12 ++++++++++++
3 files changed, 56 insertions(+)
diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb
index 0b93aac..9136fde 100644
--- a/ext/openssl/extconf.rb
+++ b/ext/openssl/extconf.rb
@@ -84,6 +84,9 @@
OpenSSL.check_func_or_macro("ENGINE_load_#{name}", "openssl/engine.h")
}
+OpenSSL.check_func_or_macro("SSL_CTX_set_read_ahead", "openssl/ssl.h")
+OpenSSL.check_func_or_macro("SSL_CTX_get_read_ahead", "openssl/ssl.h")
+
# added in 0.9.8X
have_func("EVP_CIPHER_CTX_new")
have_func("EVP_CIPHER_CTX_free")
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c
index 1ee0658..a1eb8b5 100644
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@@ -1074,6 +1074,45 @@ ossl_sslctx_set_ecdh_curves(VALUE self, VALUE arg)
/*
* call-seq:
+ * ctx.read_ahead -> true or false
+ */
+static VALUE
+ossl_sslctx_get_read_ahead(VALUE self)
+{
+#if defined(HAVE_SSL_CTX_GET_READ_AHEAD)
+ SSL_CTX *ctx;
+
+ GetSSLCTX(self, ctx);
+
+ return SSL_CTX_get_read_ahead(ctx) ? Qtrue : Qfalse;
+#else
+ return Qfalse;
+#endif
+}
+
+/*
+ * call-seq:
+ * ctx.read_ahead = boolean -> boolean
+ */
+#if defined(HAVE_SSL_CTX_SET_READ_AHEAD)
+static VALUE
+ossl_sslctx_set_read_ahead(VALUE self, VALUE boolean)
+{
+ SSL_CTX *ctx;
+
+ GetSSLCTX(self, ctx);
+ rb_check_frozen(self);
+
+ SSL_CTX_set_read_ahead(ctx, RTEST(boolean));
+
+ return boolean;
+}
+#else
+#define ossl_sslctx_set_read_ahead rb_f_notimplement
+#endif
+
+/*
+ * call-seq:
* ctx.security_level -> Integer
*
* Returns the security level for the context.
@@ -2449,6 +2488,8 @@ Init_ossl_ssl(void)
rb_define_method(cSSLContext, "ciphers", ossl_sslctx_get_ciphers, 0);
rb_define_method(cSSLContext, "ciphers=", ossl_sslctx_set_ciphers, 1);
rb_define_method(cSSLContext, "ecdh_curves=", ossl_sslctx_set_ecdh_curves, 1);
+ rb_define_method(cSSLContext, "read_ahead", ossl_sslctx_get_read_ahead, 0);
+ rb_define_method(cSSLContext, "read_ahead=", ossl_sslctx_set_read_ahead, 1);
rb_define_method(cSSLContext, "security_level", ossl_sslctx_get_security_level, 0);
rb_define_method(cSSLContext, "security_level=", ossl_sslctx_set_security_level, 1);
diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb
index b1dc223..f3ec8b6 100644
--- a/test/openssl/test_ssl.rb
+++ b/test/openssl/test_ssl.rb
@@ -1246,6 +1246,18 @@ def test_security_level
skip "FIXME: SSLContext#key= currently does not raise because SSL_CTX_use_certificate() is delayed"
end
+ def test_read_ahead
+ ctx = OpenSSL::SSL::SSLContext.new
+ assert_equal(false, ctx.read_ahead)
+ begin
+ ctx.read_ahead = true
+ rescue NotImplementedError
+ assert_equal(false, ctx.read_ahead)
+ return
+ end
+ assert_equal(true, ctx.read_ahead)
+ end
+
private
def start_server_version(version, ctx_proc=nil, server_proc=nil, &blk)
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] openssl: enable SSLContext read_ahead accessor
2016-06-10 10:18 [PATCH] openssl: enable SSLContext read_ahead accessor Eric Wong
@ 2016-06-11 0:35 ` Eric Wong
2016-06-12 9:46 ` Eric Wong
0 siblings, 1 reply; 3+ messages in thread
From: Eric Wong @ 2016-06-11 0:35 UTC (permalink / raw)
To: spew
Seems to be not worth it testing with yahns and dd | curl
dd if=/dev/zero bs=1M count=1000 | curl -HExpect -T- https://$HOST/
==> yahns -c /path/to/yahns.conf.rb <==
require 'digest/sha1'
require 'benchmark'
require 'openssl'
ctx = OpenSSL::SSL::SSLContext.new
ctx.cert = OpenSSL::X509::Certificate.new(IO.read(
'/etc/ssl/certs/dcvr.yhbt.net.crt'))
ctx.extra_chain_cert = [ OpenSSL::X509::Certificate.new(IO.read(
'/etc/ssl/certs/dcvr.yhbt.net.chain.crt')) ]
ctx.key = OpenSSL::PKey::RSA.new(IO.read(
'/etc/ssl/private/dcvr.yhbt.net.key'))
ctx.set_params(verify_mode: OpenSSL::SSL::VERIFY_NONE)
ctx.read_ahead = true
user "www-data", "www-data"
worker_processes 1
app(:rack, lambda do |env|
input = env['rack.input']
n = 0
nread = 4096
bm = Benchmark.measure do
buf = input.read(nread)
while buf
n += buf.size
buf = input.read(nread, buf)
end
end
b = "#{n}\n#{Benchmark::CAPTION}\n#{bm.to_s}\n"
h = [ %w(Content-Type text/plain), %W(Content-Length #{b.size}) ]
[ 200, h, [ b ] ]
end) do
listen 11443, ssl_ctx: ctx
input_buffering false
client_max_body_size nil
end
queue(:default) { worker_threads 1 } # for cache-friendly benchmarking
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] openssl: enable SSLContext read_ahead accessor
2016-06-11 0:35 ` Eric Wong
@ 2016-06-12 9:46 ` Eric Wong
0 siblings, 0 replies; 3+ messages in thread
From: Eric Wong @ 2016-06-12 9:46 UTC (permalink / raw)
To: spew
# Meh, no benefit without the HTTP parser in the way, either.
require 'digest/sha1'
require 'benchmark'
require 'openssl'
require 'socket'
ctx = OpenSSL::SSL::SSLContext.new
ctx.cert = OpenSSL::X509::Certificate.new(IO.read(
'/etc/ssl/certs/dcvr.yhbt.net.crt'))
ctx.extra_chain_cert = [ OpenSSL::X509::Certificate.new(IO.read(
'/etc/ssl/certs/dcvr.yhbt.net.chain.crt')) ]
ctx.key = OpenSSL::PKey::RSA.new(IO.read(
'/etc/ssl/private/dcvr.yhbt.net.key'))
ctx.set_params(verify_mode: OpenSSL::SSL::VERIFY_NONE)
ctx.read_ahead = true
h = '0.0.0.0'
s = TCPServer.new(h, 0)
th = Thread.new do
system("dd if=/dev/zero bs=1M count=100 | " \
"curl -T- -v -N http://yhbt.net:#{s.addr[1]}/")
end
a = s.accept
input = OpenSSL::SSL::SSLSocket.new(a, ctx)
n = 0
max = 100 * 1024 * 1024
nread = 8192
bm = Benchmark.measure do
buf = input.readpartial(nread)
while buf
n += buf.size
buf = input.readpartial(nread, buf)
break if n > max
end
input.write("HTTP/1.0 200 OK\r\nContent-Type: text/plain\r\n\r\nhello\n")
input.close
a.close
end
th.join
puts "#{n}\n#{Benchmark::CAPTION}\n#{bm.to_s}\n"
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2016-06-12 9:46 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-06-10 10:18 [PATCH] openssl: enable SSLContext read_ahead accessor Eric Wong
2016-06-11 0:35 ` Eric Wong
2016-06-12 9:46 ` Eric Wong
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).