From 56de3bfb7001dcf8fd3256b729989457ecda1139 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alex=20Fern=C3=A1ndez?= Date: Fri, 27 Apr 2018 17:18:29 +0200 Subject: [PATCH] benchmark: add tls benchmark for legacy SecurePair MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit PR-URL: https://github.com/nodejs/node/pull/20344 Refs: https://github.com/nodejs/node/issues/20263 Reviewed-By: James M Snell Reviewed-By: Benjamin Gruenbaum Reviewed-By: Tobias Nießen --- benchmark/tls/secure-pair.js | 105 ++++++++++++++++++++++++++ test/sequential/test-benchmark-tls.js | 1 + 2 files changed, 106 insertions(+) create mode 100644 benchmark/tls/secure-pair.js diff --git a/benchmark/tls/secure-pair.js b/benchmark/tls/secure-pair.js new file mode 100644 index 00000000000000..ed678b9060983e --- /dev/null +++ b/benchmark/tls/secure-pair.js @@ -0,0 +1,105 @@ +'use strict'; +const common = require('../common.js'); +const bench = common.createBenchmark(main, { + dur: [5], + securing: ['SecurePair', 'TLSSocket'], + size: [2, 1024, 1024 * 1024] +}); + +const fs = require('fs'); +const tls = require('tls'); +const net = require('net'); +const path = require('path'); + +const cert_dir = path.resolve(__dirname, '../../test/fixtures'); +const REDIRECT_PORT = 28347; + +function main({ dur, size, securing }) { + const chunk = Buffer.alloc(size, 'b'); + + const options = { + key: fs.readFileSync(`${cert_dir}/test_key.pem`), + cert: fs.readFileSync(`${cert_dir}/test_cert.pem`), + ca: [ fs.readFileSync(`${cert_dir}/test_ca.pem`) ], + ciphers: 'AES256-GCM-SHA384', + isServer: true, + requestCert: true, + rejectUnauthorized: true, + }; + + const server = net.createServer(onRedirectConnection); + server.listen(REDIRECT_PORT, () => { + const proxy = net.createServer(onProxyConnection); + proxy.listen(common.PORT, () => { + const clientOptions = { + port: common.PORT, + ca: options.ca, + key: options.key, + cert: options.cert, + isServer: false, + rejectUnauthorized: false, + }; + const conn = tls.connect(clientOptions, () => { + setTimeout(() => { + const mbits = (received * 8) / (1024 * 1024); + bench.end(mbits); + if (conn) + conn.destroy(); + server.close(); + proxy.close(); + }, dur * 1000); + bench.start(); + conn.on('drain', write); + write(); + }); + conn.on('error', (e) => { + throw new Error(`Client error: ${e}`); + }); + + function write() { + while (false !== conn.write(chunk)); + } + }); + }); + + function onProxyConnection(conn) { + const client = net.connect(REDIRECT_PORT, () => { + switch (securing) { + case 'SecurePair': + securePair(conn, client); + break; + case 'TLSSocket': + secureTLSSocket(conn, client); + break; + default: + throw new Error('Invalid securing method'); + } + }); + } + + function securePair(conn, client) { + const serverCtx = tls.createSecureContext(options); + const serverPair = tls.createSecurePair(serverCtx, true, true, false); + conn.pipe(serverPair.encrypted); + serverPair.encrypted.pipe(conn); + serverPair.on('error', (error) => { + throw new Error(`Pair error: ${error}`); + }); + serverPair.cleartext.pipe(client); + } + + function secureTLSSocket(conn, client) { + const serverSocket = new tls.TLSSocket(conn, options); + serverSocket.on('error', (e) => { + throw new Error(`Socket error: ${e}`); + }); + serverSocket.pipe(client); + } + + let received = 0; + function onRedirectConnection(conn) { + conn.on('data', (chunk) => { + received += chunk.length; + }); + } +} diff --git a/test/sequential/test-benchmark-tls.js b/test/sequential/test-benchmark-tls.js index 3545955e3ab5b0..40c14af8302bdb 100644 --- a/test/sequential/test-benchmark-tls.js +++ b/test/sequential/test-benchmark-tls.js @@ -20,6 +20,7 @@ runBenchmark('tls', 'dur=0.1', 'n=1', 'size=2', + 'securing=SecurePair', 'type=asc' ], {