Add esptest microbenchmark for ESP encryption

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

diff --git a/Makefile.am b/Makefile.am
index 869cc68ce6f46803be617e1e49cd5a5c5f40dfa7..b6d26309bedd1a8e34d504a82fc568c0762626db 100644 (file)
--- a/Makefile.am
+++ b/Makefile.am
@@ -23,7 +23,7 @@ AM_CPPFLAGS = -DLOCALEDIR="\"$(localedir)\""
 openconnect_SOURCES = xml.c main.c
 openconnect_CFLAGS = $(AM_CFLAGS) $(SSL_CFLAGS) $(DTLS_SSL_CFLAGS) $(LIBXML2_CFLAGS) $(LIBPROXY_CFLAGS) $(ZLIB_CFLAGS) $(LIBSTOKEN_CFLAGS) $(LIBPSKC_CFLAGS) $(GSSAPI_CFLAGS) $(INTL_CFLAGS) $(ICONV_CFLAGS) $(LIBPCSCLITE_CFLAGS)
 openconnect_LDADD = libopenconnect.la $(SSL_LIBS) $(LIBXML2_LIBS) $(LIBPROXY_LIBS) $(INTL_LIBS) $(ICONV_LIBS)
-
+export openconnect_CFLAGS
 if OPENCONNECT_WIN32
 openconnect_SOURCES += openconnect.rc
 endif

diff --git a/libopenconnect.map.in b/libopenconnect.map.in
index 58f04e7635448bfa43a0caeb7e9a163d249eb9e4..015f7b862c619b02fbf74823aa16bf08027b3662 100644 (file)
--- a/libopenconnect.map.in
+++ b/libopenconnect.map.in
@@ -109,6 +109,7 @@ OPENCONNECT_PRIVATE {
        openconnect_open_utf8;
        openconnect_sha1;
        openconnect_version_str;
+       openconnect_setup_esp_keys;
  local:
        *;
 };

diff --git a/tests/Makefile.am b/tests/Makefile.am
index bacf181754d4d060d94996755a714da48272d4ac..59c58fea321e2b6a42379ba876d1849556294154 100644 (file)
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -79,7 +79,10 @@ TESTS_ENVIRONMENT = srcdir="$(srcdir)" \
        pkcs11_tokens="$(PKCS11_TOKENS)"
 
 
-C_TESTS = lzstest seqtest
+C_TESTS = lzstest seqtest esptest
+
+esptest_CFLAGS = $(openconnect_CFLAGS)
+esptest_LDADD = ../libopenconnect.la
 
 
 if CHECK_DTLS

diff --git a/tests/esptest.c b/tests/esptest.c
new file mode 100644 (file)
index 0000000..d6c71fa
--- /dev/null
+++ b/tests/esptest.c
@@ -0,0 +1,58 @@
+#include <config.h>
+
+#include "../openconnect-internal.h"
+#include <signal.h>
+
+static void write_progress(void *vpninfo, int level, const char *fmt, ...)
+{
+       va_list args;
+
+       va_start(args, fmt);
+       vprintf(fmt, args);
+       va_end(args);
+}
+
+static int pkt_size = 1400;
+static long count;
+
+static void handle_alrm(int sig)
+{
+        printf("Count reached %ld in 5s (%ld Mb/s)\n", count, count * pkt_size / 5 / 250000);
+        exit(1);
+}
+
+int main(void)
+{
+       struct openconnect_info *vpninfo = openconnect_vpninfo_new("", NULL, NULL, NULL, write_progress, NULL);
+       struct pkt *pkt = malloc(128 + pkt_size);
+       int ret;
+
+       vpninfo->esp_enc = 2; /* AES128-CBC */
+       vpninfo->esp_hmac = 2; /* HMAC-SHA1 */
+       vpninfo->enc_key_len = 16;
+       vpninfo->hmac_key_len = 20;
+
+       vpninfo->esp_out.spi = 0x12345678;
+       memset(vpninfo->esp_out.enc_key, 0x5a, vpninfo->enc_key_len);
+       memset(vpninfo->esp_out.hmac_key, 0x5a, vpninfo->hmac_key_len);
+
+       vpninfo->dtls_state = DTLS_SLEEPING;
+       vpninfo->dtls_addr = (void *)vpninfo;
+
+       ret = openconnect_setup_esp_keys(vpninfo, 0);
+       if (ret) {
+               printf("setup ESP failed: %d\n", ret);
+               exit(1);
+       }
+
+       memset(pkt->data, 0x5a, pkt_size);
+
+        alarm(5);
+        signal(SIGALRM, handle_alrm);
+
+       while (1) {
+               pkt->len = pkt_size;
+               vpninfo->encrypt_esp_packet(vpninfo, pkt);
+               count++;
+       }
+}