deps: add -no_rand_screen to openssl s_client

Shigeki Ohtsu · Shigeki Ohtsu · commit 2b63396e1f3f · 2016-05-05T21:44:48.000+09:00
In openssl s_client on Windows, RAND_screen() is invoked to initialize random state but it takes several seconds in each connection. This added -no_rand_screen to openssl s_client on Windows to skip RAND_screen() and gets a better performance in the unit test of test-tls-server-verify. Do not enable this except to use in the unit test. (cherry picked from commit 9f0f7c38e6df975dd39735d0e9ef968076369c74) Reviewed-By: James M Snell <jasnell@gmail.com> PR-URL: nodejs/node-v0.x-archive#25368
diff --git a/deps/openssl/openssl/apps/app_rand.c b/deps/openssl/openssl/apps/app_rand.c
@@ -124,10 +124,16 @@ int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
     char buffer[200];
 
 #ifdef OPENSSL_SYS_WINDOWS
-    BIO_printf(bio_e, "Loading 'screen' into random state -");
-    BIO_flush(bio_e);
-    RAND_screen();
-    BIO_printf(bio_e, " done\n");
+    /*
+     * allocate 2 to dont_warn not to use RAND_screen() via
+     * -no_rand_screen option in s_client
+     */
+    if (dont_warn != 2) {
+      BIO_printf(bio_e, "Loading 'screen' into random state -");
+      BIO_flush(bio_e);
+      RAND_screen();
+      BIO_printf(bio_e, " done\n");
+    }
 #endif
 
     if (file == NULL)
diff --git a/deps/openssl/openssl/apps/s_client.c b/deps/openssl/openssl/apps/s_client.c
@@ -233,6 +233,7 @@ static int ocsp_resp_cb(SSL *s, void *arg);
 static BIO *bio_c_out = NULL;
 static int c_quiet = 0;
 static int c_ign_eof = 0;
+static int c_no_rand_screen = 0;
 
 #ifndef OPENSSL_NO_PSK
 /* Default PSK identity and key */
@@ -435,6 +436,10 @@ static void sc_usage(void)
                " -keymatexport label   - Export keying material using label\n");
     BIO_printf(bio_err,
                " -keymatexportlen len  - Export len bytes of keying material (default 20)\n");
+#ifdef OPENSSL_SYS_WINDOWS
+    BIO_printf(bio_err,
+               " -no_rand_screen  - Do not use RAND_screen() to initialize random state\n");
+#endif
 }
 
 #ifndef OPENSSL_NO_TLSEXT
@@ -1011,6 +1016,10 @@ int MAIN(int argc, char **argv)
             keymatexportlen = atoi(*(++argv));
             if (keymatexportlen == 0)
                 goto bad;
+#ifdef OPENSSL_SYS_WINDOWS
+        } else if (strcmp(*argv, "-no_rand_screen") == 0) {
+          c_no_rand_screen = 1;
+#endif
         } else {
             BIO_printf(bio_err, "unknown option %s\n", *argv);
             badop = 1;
@@ -1094,7 +1103,7 @@ int MAIN(int argc, char **argv)
         }
     }
 
-    if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
+    if (!app_RAND_load_file(NULL, bio_err, ++c_no_rand_screen) && inrand == NULL
         && !RAND_status()) {
         BIO_printf(bio_err,
                    "warning, not much extra random data, consider using the -rand option\n");
