From ff821d7b2bc67934f1245f205a49dc967ab639c0 Mon Sep 17 00:00:00 2001 From: Eugene Syromiatnikov Date: Fri, 17 Oct 2025 12:21:37 +0200 Subject: [PATCH] perflib, handshake: do not use OSSL_LIB_CTX on OpenSSL < 3.0 OSSL_LIB_CTX object and related APIs have been introduced in OpenSSL 3.0, and its usage prevents compiling perftools with OpenSSL 1.1.1. So far, it is limited to specific handshake testing modes, so just put the relevant code into conditional preprocessor sections. Resolves: https://github.com/openssl/perftools/issues/54 Signed-off-by: Eugene Syromiatnikov --- source/handshake.c | 29 ++++++++++++++++++++++++++--- source/perflib/perflib.h | 2 ++ source/perflib/perfsslhelper.c | 2 ++ 3 files changed, 30 insertions(+), 3 deletions(-) diff --git a/source/handshake.c b/source/handshake.c index d64b0348..cb19b480 100644 --- a/source/handshake.c +++ b/source/handshake.c @@ -27,6 +27,7 @@ int err = 0; +#if OPENSSL_VERSION_NUMBER >= 0x30000000L typedef enum { INIT_LIB_CTX, INIT_LIB_AND_SSL_CTX, @@ -38,11 +39,13 @@ struct ctxs { SSL_CTX *cctx; }; +static struct ctxs **ctx_pool = NULL; +#endif /* OPENSSL_VERSION_NUMBER >= 0x30000000L */ + static SSL_CTX *sctx = NULL, *cctx = NULL; static int share_ctx = 1; static char *cert = NULL; static char *privkey = NULL; -static struct ctxs **ctx_pool = NULL; size_t *counts; @@ -52,9 +55,11 @@ static long pool_size = 16; typedef enum { TC_SSL_CTX, +#if OPENSSL_VERSION_NUMBER >= 0x30000000L TC_OSSL_LIB_CTX_PER_THREAD, TC_OSSL_LIB_CTX_POOL, TC_SSL_CTX_POOL, +#endif /* OPENSSL_VERSION_NUMBER >= 0x30000000L */ } test_case_t; OSSL_TIME max_time; static test_case_t test_case = TC_SSL_CTX; @@ -105,6 +110,8 @@ static void do_handshake(size_t num) err = 1; } +#if OPENSSL_VERSION_NUMBER >= 0x30000000L + static void do_handshake_ossl_lib_ctx_per_thread(size_t num) { SSL *clientssl = NULL, *serverssl = NULL; @@ -315,17 +322,21 @@ static int test_ossl_lib_ctx_pool(size_t threadcount, OSSL_TIME *duration) free_ctx_pool(); return ret; - } +} + +#endif /* OPENSSL_VERSION_NUMBER >= 0x30000000L */ void usage(const char *progname) { printf("Usage: %s [options] certsdir threadcount\n", progname); printf("-t - terse output\n"); printf("-s - disable context sharing\n"); +#if OPENSSL_VERSION_NUMBER >= 0x30000000L printf("-p - use ossl_lib_ctx per thread\n"); printf("-P - use ossl_lib_ctx pool\n"); printf("-l - use ssl ctx pool\n"); printf("-o - set ossl_lib_ctx pool size\n"); +#endif printf("-S [n] - use secure memory\n"); } @@ -342,7 +353,13 @@ int main(int argc, char * const argv[]) int p_flag = 0, P_flag = 0, l_flag = 0; char *endptr = NULL; - while ((opt = getopt(argc, argv, "tspPo:lS:")) != -1) { + while ((opt = getopt(argc, argv, +#if OPENSSL_VERSION_NUMBER >= 0x30000000L + "tspPo:lS:" +#else + "tsS:" +#endif + )) != -1) { switch (opt) { case 't': terse = 1; @@ -350,6 +367,7 @@ int main(int argc, char * const argv[]) case 's': share_ctx = 0; break; +#if OPENSSL_VERSION_NUMBER >= 0x30000000L case 'p': p_flag = 1; test_case = TC_OSSL_LIB_CTX_PER_THREAD; @@ -381,6 +399,7 @@ int main(int argc, char * const argv[]) l_flag = 1; test_case = TC_SSL_CTX_POOL; break; +#endif /* OPENSSL_VERSION_NUMBER >= 0x30000000L */ case 'S': { char *end = NULL; int sec_mem_size; @@ -408,12 +427,14 @@ int main(int argc, char * const argv[]) } } +#if OPENSSL_VERSION_NUMBER >= 0x30000000L if ((p_flag + P_flag + l_flag) > 1) { fprintf(stderr, "Error: -p, -P, and -l are mutually exclusive." " Choose only one.\n\n"); usage(basename(argv[0])); return EXIT_FAILURE; } +#endif /* OPENSSL_VERSION_NUMBER >= 0x30000000L */ if (argv[optind] == NULL) { printf("certsdir is missing\n"); @@ -461,6 +482,7 @@ int main(int argc, char * const argv[]) } break; } +#if OPENSSL_VERSION_NUMBER >= 0x30000000L case TC_OSSL_LIB_CTX_PER_THREAD: { if (!perflib_run_multi_thread_test(do_handshake_ossl_lib_ctx_per_thread, threadcount, &duration)) { @@ -477,6 +499,7 @@ int main(int argc, char * const argv[]) } break; } +#endif /* OPENSSL_VERSION_NUMBER >= 0x30000000L */ default: fprintf(stderr, "Invalid test case\n"); goto err; diff --git a/source/perflib/perflib.h b/source/perflib/perflib.h index e41f8160..b3c91489 100644 --- a/source/perflib/perflib.h +++ b/source/perflib/perflib.h @@ -48,10 +48,12 @@ int perflib_create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm, int min_proto_version, int max_proto_version, SSL_CTX **sctx, SSL_CTX **cctx, char *certfile, char *privkeyfile); +#if OPENSSL_VERSION_NUMBER >= 0x30000000L int perflib_create_ossl_lib_ctx_pair(OSSL_LIB_CTX *libctx, const SSL_METHOD *sm, const SSL_METHOD *cm, int min_proto_version, int max_proto_version, SSL_CTX **sctx, SSL_CTX **cctx, char *certfile, char *privkeyfile); +#endif /* OPENSSL_VERSION_NUMBER >= 0x30000000L */ int perflib_create_ssl_objects(SSL_CTX *serverctx, SSL_CTX *clientctx, SSL **sssl, SSL **cssl, BIO *s_to_c_fbio, BIO *c_to_s_fbio); diff --git a/source/perflib/perfsslhelper.c b/source/perflib/perfsslhelper.c index 4707c200..cf32394f 100644 --- a/source/perflib/perfsslhelper.c +++ b/source/perflib/perfsslhelper.c @@ -61,6 +61,7 @@ static int perflib_use_certificate(SSL_CTX *serverctx, SSL_CTX *clientctx, return 0; } +#if OPENSSL_VERSION_NUMBER >= 0x30000000L int perflib_create_ossl_lib_ctx_pair(OSSL_LIB_CTX *libctx, const SSL_METHOD *sm, const SSL_METHOD *cm, int min_proto_version, int max_proto_version, SSL_CTX **sctx, SSL_CTX **cctx, @@ -90,6 +91,7 @@ int perflib_create_ossl_lib_ctx_pair(OSSL_LIB_CTX *libctx, const SSL_METHOD *sm, err: return 0; } +#endif /* OPENSSL_VERSION_NUMBER >= 0x30000000L */ int perflib_create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm, int min_proto_version,