Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

benchmark: add secure-pair benchmark #20344

Closed
wants to merge 4 commits into from
Closed
Show file tree
Hide file tree
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
105 changes: 105 additions & 0 deletions benchmark/tls/secure-pair.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,105 @@
'use strict';
const common = require('../common.js');
const bench = common.createBenchmark(main, {
dur: [5],
securing: ['SecurePair', 'TLSSocket'],
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add 'securing=SecurePair' to ./test/sequential/test-benchmark-tls.js in the array with the other options there. Otherwise the test will run twice the duration it has to.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@BridgeAR Done in commit 487a327.

size: [2, 1024, 1024 * 1024]
});

const fs = require('fs');
const tls = require('tls');
const net = require('net');
const path = require('path');

const cert_dir = path.resolve(__dirname, '../../test/fixtures');
const REDIRECT_PORT = 28347;

function main({ dur, size, securing }) {
const chunk = Buffer.alloc(size, 'b');

const options = {
key: fs.readFileSync(`${cert_dir}/test_key.pem`),
cert: fs.readFileSync(`${cert_dir}/test_cert.pem`),
ca: [ fs.readFileSync(`${cert_dir}/test_ca.pem`) ],
ciphers: 'AES256-GCM-SHA384',
isServer: true,
requestCert: true,
rejectUnauthorized: true,
};

const server = net.createServer(onRedirectConnection);
server.listen(REDIRECT_PORT, () => {
const proxy = net.createServer(onProxyConnection);
proxy.listen(common.PORT, () => {
const clientOptions = {
port: common.PORT,
ca: options.ca,
key: options.key,
cert: options.cert,
isServer: false,
rejectUnauthorized: false,
};
const conn = tls.connect(clientOptions, () => {
setTimeout(() => {
const mbits = (received * 8) / (1024 * 1024);
bench.end(mbits);
if (conn)
conn.destroy();
server.close();
proxy.close();
}, dur * 1000);
bench.start();
conn.on('drain', write);
write();
});
conn.on('error', (e) => {
throw new Error('Client error: ' + e);
});

function write() {
while (false !== conn.write(chunk));
}
});
});

function onProxyConnection(conn) {
const client = net.connect(REDIRECT_PORT, () => {
switch (securing) {
case 'SecurePair':
securePair(conn, client);
break;
case 'TLSSocket':
secureTLSSocket(conn, client);
break;
default:
throw new Error('Invalid securing method');
}
});
}

function securePair(conn, client) {
const serverCtxt = tls.createSecureContext(options);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Micro nit: We usually abbreviate context as ctx within our codebase so I'd prefer serverCtx for consistency.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done in commit 53cd71f.

const serverPair = tls.createSecurePair(serverCtxt, true, true, false);
conn.pipe(serverPair.encrypted);
serverPair.encrypted.pipe(conn);
serverPair.on('error', (error) => {
throw new Error('Pair error: ' + error);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This could use a template literal instead.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done in commit c17c783.

});
serverPair.cleartext.pipe(client);
}

function secureTLSSocket(conn, client) {
const serverSocket = new tls.TLSSocket(conn, options);
serverSocket.on('error', (e) => {
throw new Error('Socket error: ' + e);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same here.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done in commit c17c783.

});
serverSocket.pipe(client);
}

let received = 0;
function onRedirectConnection(conn) {
conn.on('data', (chunk) => {
received += chunk.length;
});
}
}
1 change: 1 addition & 0 deletions test/sequential/test-benchmark-tls.js
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ runBenchmark('tls',
'dur=0.1',
'n=1',
'size=2',
'securing=SecurePair',
'type=asc'
],
{
Expand Down