-
Notifications
You must be signed in to change notification settings - Fork 30.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
benchmark: add secure-pair benchmark #20344
Changes from 2 commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,105 @@ | ||
'use strict'; | ||
const common = require('../common.js'); | ||
const bench = common.createBenchmark(main, { | ||
dur: [5], | ||
securing: ['SecurePair', 'TLSSocket'], | ||
size: [2, 1024, 1024 * 1024] | ||
}); | ||
|
||
const fs = require('fs'); | ||
const tls = require('tls'); | ||
const net = require('net'); | ||
const path = require('path'); | ||
|
||
const cert_dir = path.resolve(__dirname, '../../test/fixtures'); | ||
const REDIRECT_PORT = 28347; | ||
|
||
function main({ dur, size, securing }) { | ||
const chunk = Buffer.alloc(size, 'b'); | ||
|
||
const options = { | ||
key: fs.readFileSync(`${cert_dir}/test_key.pem`), | ||
cert: fs.readFileSync(`${cert_dir}/test_cert.pem`), | ||
ca: [ fs.readFileSync(`${cert_dir}/test_ca.pem`) ], | ||
ciphers: 'AES256-GCM-SHA384', | ||
isServer: true, | ||
requestCert: true, | ||
rejectUnauthorized: true, | ||
}; | ||
|
||
const server = net.createServer(onRedirectConnection); | ||
server.listen(REDIRECT_PORT, () => { | ||
const proxy = net.createServer(onProxyConnection); | ||
proxy.listen(common.PORT, () => { | ||
const clientOptions = { | ||
port: common.PORT, | ||
ca: options.ca, | ||
key: options.key, | ||
cert: options.cert, | ||
isServer: false, | ||
rejectUnauthorized: false, | ||
}; | ||
const conn = tls.connect(clientOptions, () => { | ||
setTimeout(() => { | ||
const mbits = (received * 8) / (1024 * 1024); | ||
bench.end(mbits); | ||
if (conn) | ||
conn.destroy(); | ||
server.close(); | ||
proxy.close(); | ||
}, dur * 1000); | ||
bench.start(); | ||
conn.on('drain', write); | ||
write(); | ||
}); | ||
conn.on('error', (e) => { | ||
throw new Error('Client error: ' + e); | ||
}); | ||
|
||
function write() { | ||
while (false !== conn.write(chunk)); | ||
} | ||
}); | ||
}); | ||
|
||
function onProxyConnection(conn) { | ||
const client = net.connect(REDIRECT_PORT, () => { | ||
switch (securing) { | ||
case 'SecurePair': | ||
securePair(conn, client); | ||
break; | ||
case 'TLSSocket': | ||
secureTLSSocket(conn, client); | ||
break; | ||
default: | ||
throw new Error('Invalid securing method'); | ||
} | ||
}); | ||
} | ||
|
||
function securePair(conn, client) { | ||
const serverCtxt = tls.createSecureContext(options); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Micro nit: We usually abbreviate context as There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Done in commit 53cd71f. |
||
const serverPair = tls.createSecurePair(serverCtxt, true, true, false); | ||
conn.pipe(serverPair.encrypted); | ||
serverPair.encrypted.pipe(conn); | ||
serverPair.on('error', (error) => { | ||
throw new Error('Pair error: ' + error); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This could use a template literal instead. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Done in commit c17c783. |
||
}); | ||
serverPair.cleartext.pipe(client); | ||
} | ||
|
||
function secureTLSSocket(conn, client) { | ||
const serverSocket = new tls.TLSSocket(conn, options); | ||
serverSocket.on('error', (e) => { | ||
throw new Error('Socket error: ' + e); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Same here. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Done in commit c17c783. |
||
}); | ||
serverSocket.pipe(client); | ||
} | ||
|
||
let received = 0; | ||
function onRedirectConnection(conn) { | ||
conn.on('data', (chunk) => { | ||
received += chunk.length; | ||
}); | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -20,6 +20,7 @@ runBenchmark('tls', | |
'dur=0.1', | ||
'n=1', | ||
'size=2', | ||
'securing=SecurePair', | ||
'type=asc' | ||
], | ||
{ | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please add
'securing=SecurePair'
to./test/sequential/test-benchmark-tls.js
in the array with the other options there. Otherwise the test will run twice the duration it has to.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@BridgeAR Done in commit 487a327.