openssl/trunk/test/times


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113

More number for the questions about SSL overheads....

The following numbers were generated on a pentium pro 200, running linux.
They give an indication of the SSL protocol and encryption overheads.

The program that generated them is an unreleased version of ssl/ssltest.c
which is the SSLeay ssl protocol testing program.  It is a single process that
talks both sides of the SSL protocol via a non-blocking memory buffer
interface.

How do I read this?  The protocol and cipher are reasonable obvious.
The next number is the number of connections being made.  The next is the
number of bytes exchanged bewteen the client and server side of the protocol.
This is the number of bytes that the client sends to the server, and then
the server sends back.  Because this is all happening in one process,
the data is being encrypted, decrypted, encrypted and then decrypted again.
It is a round trip of that many bytes.  Because the one process performs
both the client and server sides of the protocol and it sends this many bytes
each direction, multiply this number by 4 to generate the number
of bytes encrypted/decrypted/MACed.  The first time value is how many seconds
elapsed doing a full SSL handshake, the second is the cost of one
full handshake and the rest being session-id reuse.

SSLv2 RC4-MD5      1000 x      1   12.83s   0.70s
SSLv3 NULL-MD5     1000 x      1   14.35s   1.47s
SSLv3 RC4-MD5      1000 x      1   14.46s   1.56s
SSLv3 RC4-MD5      1000 x      1   51.93s   1.62s 1024bit RSA
SSLv3 RC4-SHA      1000 x      1   14.61s   1.83s
SSLv3 DES-CBC-SHA  1000 x      1   14.70s   1.89s
SSLv3 DES-CBC3-SHA 1000 x      1   15.16s   2.16s

SSLv2 RC4-MD5      1000 x   1024   13.72s   1.27s
SSLv3 NULL-MD5     1000 x   1024   14.79s   1.92s
SSLv3 RC4-MD5      1000 x   1024   52.58s   2.29s 1024bit RSA
SSLv3 RC4-SHA      1000 x   1024   15.39s   2.67s
SSLv3 DES-CBC-SHA  1000 x   1024   16.45s   3.55s
SSLv3 DES-CBC3-SHA 1000 x   1024   18.21s   5.38s

SSLv2 RC4-MD5      1000 x  10240   18.97s   6.52s
SSLv3 NULL-MD5     1000 x  10240   17.79s   5.11s
SSLv3 RC4-MD5      1000 x  10240   20.25s   7.90s
SSLv3 RC4-MD5      1000 x  10240   58.26s   8.08s 1024bit RSA
SSLv3 RC4-SHA      1000 x  10240   22.96s  11.44s
SSLv3 DES-CBC-SHA  1000 x  10240   30.65s  18.41s
SSLv3 DES-CBC3-SHA 1000 x  10240   47.04s  34.53s

SSLv2 RC4-MD5      1000 x 102400   70.22s  57.74s
SSLv3 NULL-MD5     1000 x 102400   43.73s  31.03s
SSLv3 RC4-MD5      1000 x 102400   71.32s  58.83s
SSLv3 RC4-MD5      1000 x 102400  109.66s  59.20s 1024bit RSA
SSLv3 RC4-SHA      1000 x 102400   95.88s  82.21s
SSLv3 DES-CBC-SHA  1000 x 102400  173.22s 160.55s
SSLv3 DES-CBC3-SHA 1000 x 102400  336.61s 323.82s

What does this all mean?  Well for a server, with no session-id reuse, with
a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key,
a pentium pro 200 running linux can handle the SSLv3 protocol overheads of
about 49 connections a second.  Reality will be quite different :-).

Remeber the first number is 1000 full ssl handshakes, the second is
1 full and 999 with session-id reuse.  The RSA overheads for each exchange
would be one public and one private operation, but the protocol/MAC/cipher
cost would be quite similar in both the client and server.

eric (adding numbers to speculation)

--- Appendix ---
- The time measured is user time but these number a very rough.
- Remember this is the cost of both client and server sides of the protocol.
- The TCP/kernal overhead of connection establishment is normally the
  killer in SSL.  Often delays in the TCP protocol will make session-id
  reuse look slower that new sessions, but this would not be the case on
  a loaded server.
- The TCP round trip latencies, while slowing indervidual connections,
  would have minimal impact on throughput.
- Instead of sending one 102400 byte buffer, one 8k buffer is sent until
- the required number of bytes are processed.
- The SSLv3 connections were actually SSLv2 compatable SSLv3 headers.
- A 512bit server key was being used except where noted.
- No server key verification was being performed on the client side of the
  protocol.  This would slow things down very little.
- The library being used is SSLeay 0.8.x.
- The normal mesauring system was commands of the form
  time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse
  This modified version of ssltest should be in the next public release of
  SSLeay.

The general cipher performace number for this platform are

SSLeay 0.8.2a 04-Sep-1997
built on Fri Sep  5 17:37:05 EST 1997
options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized 
The 'numbers' are in 1000s of bytes per second processed.
type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
md2               131.02k      368.41k      500.57k      549.21k      566.09k
mdc2              535.60k      589.10k      595.88k      595.97k      594.54k
md5              1801.53k     9674.77k    17484.03k    21849.43k    23592.96k
sha              1261.63k     5533.25k     9285.63k    11187.88k    11913.90k
sha1             1103.13k     4782.53k     7933.78k     9472.34k    10070.70k
rc4             10722.53k    14443.93k    15215.79k    15299.24k    15219.59k
des cbc          3286.57k     3827.73k     3913.39k     3931.82k     3926.70k
des ede3         1443.50k     1549.08k     1561.17k     1566.38k     1564.67k
idea cbc         2203.64k     2508.16k     2538.33k     2543.62k     2547.71k
rc2 cbc          1430.94k     1511.59k     1524.82k     1527.13k     1523.33k
blowfish cbc     4716.07k     5965.82k     6190.17k     6243.67k     6234.11k
                  sign    verify
rsa  512 bits   0.0100s   0.0011s
rsa 1024 bits   0.0451s   0.0012s
rsa 2048 bits   0.2605s   0.0086s
rsa 4096 bits   1.6883s   0.0302s
# $Id$
#
# Copyright (C) 2013--2014  Dragon Research Labs ("DRL")
# Portions copyright (C) 2009--2012  Internet Systems Consortium ("ISC")
# Portions copyright (C) 2007--2008  American Registry for Internet Numbers ("ARIN")
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notices and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND DRL, ISC, AND ARIN DISCLAIM ALL
# WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
# WARRANTIES OF MERCHANTABILITY AND FITNESS.  IN NO EVENT SHALL DRL,
# ISC, OR ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
# CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
# OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

"""
RPKI publication engine.
"""

import os
import re
import uuid
import time
import socket
import logging
import argparse

import rpki.resource_set
import rpki.up_down
import rpki.x509
import rpki.sql
import rpki.config
import rpki.exceptions
import rpki.relaxng
import rpki.log
import rpki.publication
import rpki.publication_control
import rpki.daemonize
import rpki.http_simple

from lxml.etree import Element, SubElement, tostring as ElementToString

logger = logging.getLogger(__name__)


rrdp_xmlns   = rpki.relaxng.rrdp.xmlns
rrdp_nsmap   = rpki.relaxng.rrdp.nsmap
rrdp_version = "1"

rpki_content_type = "application/x-rpki"


def DERSubElement(elt, name, der, attrib = None, **kwargs):
  """
  Convenience wrapper around SubElement for use with Base64 text.
  """

  se = SubElement(elt, name, attrib, **kwargs)
  se.text = rpki.x509.base64_with_linebreaks(der)
  se.tail = "\n"
  return se


class main(object):
  """
  Main program for pubd.
  """

  def __init__(self):

    os.environ["TZ"] = "UTC"
    time.tzset()

    self.irbe_cms_timestamp = None

    parser = argparse.ArgumentParser(description = __doc__)
    parser.add_argument("-c", "--config",
                        help = "override default location of configuration file")
    parser.add_argument("-f", "--foreground", action = "store_true",
                        help = "do not daemonize")
    parser.add_argument("--pidfile",
                        help = "override default location of pid file")
    parser.add_argument("--profile",
                        help = "enable profiling, saving data to PROFILE")
    rpki.log.argparse_setup(parser)
    args = parser.parse_args()

    self.profile = args.profile

    rpki.log.init("pubd", args)

    self.cfg = rpki.config.parser(args.config, "pubd")
    self.cfg.set_global_flags()

    if not args.foreground:
      rpki.daemonize.daemon(pidfile = args.pidfile)

    if self.profile:
      import cProfile
      prof = cProfile.Profile()
      try:
        prof.runcall(self.main)
      finally:
        prof.dump_stats(self.profile)
        logger.info("Dumped profile data to %s", self.profile)
    else:
      self.main()

  def main(self):

    if self.profile:
      logger.info("Running in profile mode with output to %s", self.profile)

    self.sql = rpki.sql.session(self.cfg, autocommit = False)

    self.bpki_ta   = rpki.x509.X509(Auto_update = self.cfg.get("bpki-ta"))
    self.irbe_cert = rpki.x509.X509(Auto_update = self.cfg.get("irbe-cert"))
    self.pubd_cert = rpki.x509.X509(Auto_update = self.cfg.get("pubd-cert"))
    self.pubd_key  = rpki.x509.RSA( Auto_update = self.cfg.get("pubd-key"))
    self.pubd_crl  = rpki.x509.CRL( Auto_update = self.cfg.get("pubd-crl"))

    self.http_server_host = self.cfg.get("server-host", "")
    self.http_server_port = self.cfg.getint("server-port")

    self.publication_base = self.cfg.get("publication-base", "publication/")

    self.rrdp_uri_base = self.cfg.get("rrdp-uri-base",
                                      "http://%s/rrdp/" % socket.getfqdn())
    self.rrdp_expiration_interval = rpki.sundial.timedelta.parse(self.cfg.get("rrdp-expiration-interval", "6h"))
    self.rrdp_publication_base = self.cfg.get("rrdp-publication-base",
                                              "rrdp-publication/")

    self.session = session_obj.fetch(self)

    rpki.http_simple.server(
      host     = self.http_server_host,
      port     = self.http_server_port,
      handlers = (("/control", self.control_handler),
                  ("/client/", self.client_handler)))


  def rrdp_filename_to_uri(self, fn):
    return "%s/%s" % (self.rrdp_uri_base.rstrip("/"), fn)


  def control_handler(self, request, q_der):
    """
    Process one PDU from the IRBE.
    """

    # This is still structured with callbacks as if it were
    # asynchronous, because a lot of the grunt work is done by code in
    # rpki.xml_utils.  If and when we get around to re-writing the
    # left-right and publication-control protocols to use lxml.etree
    # directly, most of the rpki.xml_utils code will go away, but for
    # the moment it's simplest to preserve the weird calling sequences.

    def done(r_msg):
      self.sql.commit()
      request.send_cms_response(rpki.publication_control.cms_msg().wrap(r_msg, self.pubd_key, self.pubd_cert))
      self.sql.commit()

    try:
      q_cms = rpki.publication_control.cms_msg(DER = q_der)
      q_msg = q_cms.unwrap((self.bpki_ta, self.irbe_cert))
      self.irbe_cms_timestamp = q_cms.check_replay(self.irbe_cms_timestamp, "control")
      q_msg.serve_top_level(self, done)
    except Exception, e:
      logger.exception("Unhandled exception processing control query, path %r", request.path)
      request.send_error(500, "Unhandled exception %s: %s" % (e.__class__.__name__, e))


  client_url_regexp = re.compile("/client/([-A-Z0-9_/]+)$", re.I)

  def client_handler(self, request, q_der):
    """
    Process one PDU from a client.
    """

    try:
      match = self.client_url_regexp.search(request.path)
      if match is None:
        raise rpki.exceptions.BadContactURL("Bad path: %s" % request.path)
      client_handle = match.group(1)
      client = rpki.publication_control.client_elt.sql_fetch_where1(self, "client_handle = %s", (client_handle,))
      if client is None:
        raise rpki.exceptions.ClientNotFound("Could not find client %s" % client_handle)
      q_cms = rpki.publication.cms_msg(DER = q_der)
      q_msg = q_cms.unwrap((self.bpki_ta, client.bpki_cert, client.bpki_glue))
      q_cms.check_replay_sql(client, client.client_handle)
      if not q_msg.is_query():
        raise rpki.exceptions.BadQuery("Message type is not query")
      r_msg = q_msg.__class__.reply()
      delta = None
      failed = False
      for q_pdu in q_msg:
        try:
          if isinstance(q_pdu, rpki.publication.list_elt):
            for obj in client.objects:
              r_pdu = q_pdu.__class__()
              r_pdu.tag = q_pdu.tag
              r_pdu.uri = obj.uri
              r_pdu.hash = obj.hash
              r_msg.append(r_pdu)
          else:
            if delta is None and not failed:
              delta = self.session.new_delta()
            q_pdu.gctx = self
            q_pdu.client = client
            q_pdu.client.check_allowed_uri(q_pdu.uri)
            q_pdu.serve_action(delta)
            r_pdu = q_pdu.__class__()
            r_pdu.tag = q_pdu.tag
            r_pdu.uri = q_pdu.uri
            r_msg.append(r_pdu)
        except Exception, e:
          if not isinstance(e, rpki.exceptions.NotFound):
            logger.exception("Exception processing PDU %r", q_pdu)
          r_msg.append(rpki.publication.report_error_elt.from_exception(e, q_pdu.tag))
          failed = True
          if delta is not None:
            delta.sql_delete()
            self.session.serial -= 1
            self.session.sql_mark_dirty()

      if delta is not None:
        assert not failed
        delta.activate()
        self.sql.sweep()
        self.session.generate_snapshot()
        self.sql.commit()

        # These could be merged, and perhaps should be, among other
        # reasons because we need to do something about expiring old
        # deltas and deleting old XML files, and it's probably easier
        # to avoid race conditions if we do this all in one place.

        self.session.write_deltas()
        self.session.write_snapshot()
        self.session.write_notification()

        # Somewhere around here is also where we should finally write
        # stuff out to rsync store, now that SQL is the publication
        # database of record.  This may require doing the filesystem
        # updates from the delta, but that should be straightforward.

      request.send_cms_response(rpki.publication.cms_msg().wrap(r_msg, self.pubd_key, self.pubd_cert, self.pubd_crl))
      self.sql.commit()

    except Exception, e:
      logger.exception("Unhandled exception processing client query, path %r", request.path)
      self.sql.rollback()
      request.send_error(500, "Could not process PDU: %s" % e)


  def uri_to_filename(self, uri):
    """
    Convert a URI to a local filename.
    """

    if not uri.startswith("rsync://"):
      raise rpki.exceptions.BadURISyntax(uri)
    path = uri.split("/")[4:]
    path.insert(0, self.publication_base.rstrip("/"))
    filename = "/".join(path)
    if "/../" in filename or filename.endswith("/.."):
      raise rpki.exceptions.BadURISyntax(filename)
    return filename


class session_obj(rpki.sql.sql_persistent):
  """
  An RRDP session.
  """

  sql_template = rpki.sql.template(
    "session",
    "session_id",
    "uuid",
    "serial",
    "snapshot",
    "hash")

  def __repr__(self):
    return rpki.log.log_repr(self, self.uuid, self.serial)

  @classmethod
  def fetch(cls, gctx):
    """
    Fetch the one and only session, creating it if necessary.
    """

    self = cls.sql_fetch(gctx, 1)
    if self is None:
      self = cls()
      self.uuid = str(uuid.uuid4())
      self.serial = 0
      self.snapshot = None
      self.hash = None
      self.gctx = gctx
      self.sql_store()
    return self

  @property
  def objects(self):
    return object_obj.sql_fetch_where(self.gctx, "session_id = %s", (self.session_id,))

  @property
  def deltas(self):
    return delta_obj.sql_fetch_where(self.gctx, "session_id = %s", (self.session_id,))

  def new_delta(self):
    return delta_obj.create(self)

  def expire_deltas(self):
    for delta in delta_obj.sql_fetch_where(self.gctx,
                                           "session_id = %s AND expires IS NOT NULL AND expires < %s",
                                           (self.session_id, rpki.sundial.now())):
      delta.sql_delete()

  def write_rrdp_file(self, fn, text, overwrite = False):
    """
    Save RRDP XML to disk.
    """

    if overwrite or not os.path.exists(os.path.join(self.gctx.rrdp_publication_base, fn)):
      tn = os.path.join(self.gctx.rrdp_publication_base, fn + ".%s.tmp" % os.getpid())
      if not os.path.isdir(os.path.dirname(tn)):
        os.makedirs(os.path.dirname(tn))
      with open(tn, "w") as f:
        f.write(text)
      os.rename(tn, os.path.join(self.gctx.rrdp_publication_base, fn))

  def generate_snapshot(self):
    """
    Generate an XML snapshot of this session.
    """

    xml = Element(rrdp_xmlns + "snapshot", nsmap = rrdp_nsmap,
                  version = rrdp_version,
                  session_id = self.uuid,
                  serial = str(self.serial))
    xml.text = "\n"
    for obj in self.objects:
      DERSubElement(xml, rrdp_xmlns + "publish",
                    der = obj.der,
                    uri = obj.uri)
    rpki.relaxng.rrdp.assertValid(xml)
    self.snapshot = ElementToString(xml, pretty_print = True)
    self.hash = rpki.x509.sha256(self.snapshot).encode("hex")
    self.sql_store()

  @property
  def snapshot_fn(self):
    return "%s/snapshot/%s.xml" % (self.uuid, self.serial)

  @property
  def notification_fn(self):
    return "updates.xml"

  def write_snapshot(self):
    """
    Write current session snapshot to disk.
    """

    self.write_rrdp_file(self.snapshot_fn, self.snapshot)

  def write_deltas(self):
    """
    Write any missing deltas to disk.
    """

    for delta in self.deltas:
      self.write_rrdp_file(delta.fn, delta.xml)

  def write_notification(self):
    """
    Write current notification file to disk.
    """

    xml = Element(rrdp_xmlns + "notification", nsmap = rrdp_nsmap,
                  version = rrdp_version,
                  session_id = self.uuid,
                  serial = str(self.serial))
    SubElement(xml, rrdp_xmlns + "snapshot",
               uri = self.gctx.rrdp_filename_to_uri(self.snapshot_fn),
               hash = self.hash)
    for delta in self.deltas:
      se = SubElement(xml, rrdp_xmlns + "delta",
                      to = str(delta.serial),
                      uri = self.gctx.rrdp_filename_to_uri(delta.fn),
                      hash =  delta.hash)
      se.set("from", str(delta.serial - 1))
    rpki.relaxng.rrdp.assertValid(xml)
    self.write_rrdp_file(self.notification_fn,
                         ElementToString(xml, pretty_print = True),
                         overwrite = True)


class delta_obj(rpki.sql.sql_persistent):
  """
  An RRDP delta.
  """

  sql_template = rpki.sql.template(
    "delta",
    "delta_id",
    "session_id",
    "serial",
    "xml",
    "hash",
    ("expires", rpki.sundial.datetime))

  @property
  @rpki.sql.cache_reference
  def session(self):
    return session_obj.sql_fetch(self.gctx, self.session_id)

  @property
  def fn(self):
    return "%s/deltas/%s-%s.xml" % (self.session.uuid, self.serial - 1, self.serial)

  @classmethod
  def create(cls, session):
    self = cls()
    session.serial += 1
    session.sql_mark_dirty()
    self.gctx = session.gctx
    self.session_id = session.session_id
    self.serial = session.serial
    self.xml = None
    self.hash = None
    self.expires = rpki.sundial.now() + self.gctx.rrdp_expiration_interval
    self.deltas = Element(rrdp_xmlns + "deltas", nsmap = rrdp_nsmap,
                          to = str(self.serial),
                          version =  rrdp_version,
                          session_id = session.uuid)
    self.deltas.set("from", str(self.serial - 1))
    SubElement(self.deltas, rrdp_xmlns + "delta", serial = str(self.serial)).text = "\n"
    return self

  def activate(self):
    rpki.relaxng.rrdp.assertValid(self.deltas)
    self.xml = ElementToString(self.deltas, pretty_print = True)
    self.hash = rpki.x509.sha256(self.xml).encode("hex")
    del self.deltas
    self.sql_mark_dirty()

  def publish(self, client, der, uri, hash):
    obj = object_obj.current_object_at_uri(client, self, uri)
    if obj is not None and obj.hash == hash:
      obj.delete(self)
    elif obj is not None:
      raise rpki.exceptions.ExistingObjectAtURI("Object already published at %s" % uri)
    logger.debug("Publishing %s", uri)
    object_obj.create(client, self, der, uri)
    se = DERSubElement(self.deltas[0], rrdp_xmlns + "publish", der = der, uri = uri)
    if hash is not None:
      se.set("hash", hash)
    rpki.relaxng.rrdp.assertValid(self.deltas)

  def withdraw(self, client, uri, hash):
    obj = object_obj.current_object_at_uri(client, self, uri)
    if obj is None:
      raise rpki.exceptions.NoObjectAtURI("No object published at %s" % uri)
    if obj.hash != hash:
      raise rpki.exceptions.DifferentObjectAtURI("Found different object at %s (old %s, new %s)" % (uri, obj.hash, hash))
    logger.debug("Withdrawing %s", uri)
    obj.delete(self)
    SubElement(self.deltas[0], rrdp_xmlns + "withdraw", uri = uri, hash = hash).tail = "\n"
    rpki.relaxng.rrdp.assertValid(self.deltas)


class object_obj(rpki.sql.sql_persistent):
  """
  A published object.
  """

  sql_template = rpki.sql.template(
    "object",
    "object_id",
    "uri",
    "der",
    "hash",
    "client_id",
    "session_id")

  def __repr__(self):
    return rpki.log.log_repr(self, self.uri)

  @property
  @rpki.sql.cache_reference
  def session(self):
    return session_obj.sql_fetch(self.gctx, self.session_id)

  @property
  @rpki.sql.cache_reference
  def client(self):
    return rpki.publication_control.client_elt.sql_fetch(self.gctx, self.client_id)

  @classmethod
  def create(cls, client, delta, der, uri):
    self = cls()
    self.gctx = delta.gctx
    self.uri = uri
    self.der = der
    self.hash = rpki.x509.sha256(der).encode("hex")
    logger.debug("Computed hash %s for %s", self.hash, self.uri)
    self.session_id = delta.session_id
    self.client_id = client.client_id
    self.sql_mark_dirty()
    return self

  def delete(self, delta):
    self.sql_mark_deleted()

  @classmethod
  def current_object_at_uri(cls, client, delta, uri):
    return cls.sql_fetch_where1(client.gctx,
                                "session_id = %s AND client_id = %s AND uri = %s",
                                (delta.session_id, client.client_id, uri))