deps: add -no_rand_screen to openssl s_client

Shigeki Ohtsu · MylesBorins · commit e6c308e2375c · 2017-12-07T13:21:36.000-05:00
In openssl s_client on Windows, RAND_screen() is invoked to initialize random state but it takes several seconds in each connection. This added -no_rand_screen to openssl s_client on Windows to skip RAND_screen() and gets a better performance in the unit test of test-tls-server-verify. Do not enable this except to use in the unit test. Fixes: #1461 PR-URL: #1836 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
diff --git a/deps/openssl/openssl/apps/app_rand.c b/deps/openssl/openssl/apps/app_rand.c
@@ -124,7 +124,16 @@ int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
 char buffer[200];
 
 #ifdef OPENSSL_SYS_WINDOWS
- RAND_screen();
+ /*
+ * allocate 2 to dont_warn not to use RAND_screen() via
+ * -no_rand_screen option in s_client
+ */
+ if (dont_warn != 2){
+ BIO_printf(bio_e, "Loading 'screen' into random state -");
+ BIO_flush(bio_e);
+ RAND_screen();
+ BIO_printf(bio_e, " done\n");
+ }
 #endif
 
 if (file == NULL)
diff --git a/deps/openssl/openssl/apps/s_client.c b/deps/openssl/openssl/apps/s_client.c
@@ -236,6 +236,7 @@ static BIO *bio_c_msg = NULL;
 static int c_quiet = 0;
 static int c_ign_eof = 0;
 static int c_brief = 0;
+static int c_no_rand_screen = 0;
 
 #ifndef OPENSSL_NO_PSK
 /* Default PSK identity and key */
@@ -451,6 +452,10 @@ static void sc_usage(void)
 " -keymatexport label - Export keying material using label\n");
 BIO_printf(bio_err,
 " -keymatexportlen len - Export len bytes of keying material (default 20)\n");
+#ifdef OPENSSL_SYS_WINDOWS
+ BIO_printf(bio_err,
+ " -no_rand_screen - Do not use RAND_screen() to initialize random state\n");
+#endif
 }
 
 #ifndef OPENSSL_NO_TLSEXT
@@ -1144,6 +1149,10 @@ int MAIN(int argc, char **argv)
 keymatexportlen = atoi(*(++argv));
 if (keymatexportlen == 0)
 goto bad;
+#ifdef OPENSSL_SYS_WINDOWS
+ } else if (strcmp(*argv, "-no_rand_screen") == 0){
+ c_no_rand_screen = 1;
+#endif
 } else{
 BIO_printf(bio_err, "unknown option %s\n", *argv);
 badop = 1;
@@ -1260,7 +1269,7 @@ int MAIN(int argc, char **argv)
 if (!load_excert(&exc, bio_err))
 goto end;
 
- if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
+ if (!app_RAND_load_file(NULL, bio_err, ++c_no_rand_screen) && inrand == NULL
 && !RAND_status()){
 BIO_printf(bio_err,
 "warning, not much extra random data, consider using the -rand option\n");

-Original file line number
+Diff line change
 staticintc_quiet=0;
 staticintc_ign_eof=0;
 staticintc_brief=0;
 +staticintc_no_rand_screen=0;
 #ifndefOPENSSL_NO_PSK
 /* Default PSK identity and key */
 " -keymatexport label - Export keying material using label\n");
 BIO_printf(bio_err,
 " -keymatexportlen len - Export len bytes of keying material (default 20)\n");
 +#ifdefOPENSSL_SYS_WINDOWS
 +BIO_printf(bio_err,
 +" -no_rand_screen - Do not use RAND_screen() to initialize random state\n");
 +#endif
+}
 #ifndefOPENSSL_NO_TLSEXT
 keymatexportlen=atoi(*(++argv));
 if (keymatexportlen==0)
  goto bad;
 +#ifdefOPENSSL_SYS_WINDOWS
 + } elseif (strcmp(*argv, "-no_rand_screen") ==0){
 +c_no_rand_screen=1;
 +#endif
  } else{
 BIO_printf(bio_err, "unknown option %s\n", *argv);
 badop=1;
 if (!load_excert(&exc, bio_err))
  goto end;
 -if (!app_RAND_load_file(NULL, bio_err, 1) &&inrand== NULL
 +if (!app_RAND_load_file(NULL, bio_err, ++c_no_rand_screen) &&inrand==NULL
 && !RAND_status()){
 BIO_printf(bio_err,
 "warning, not much extra random data, consider using the -rand option\n");