2
0
mirror of https://github.com/mozilla/cipherscan.git synced 2024-11-22 14:23:41 +01:00

separate darwin and non-darwin OS autodetection, add NOAUTODETECT support for top1m performance

This patch implements two structural changes.

First, OS-level detection routines are broken out into a case statement.

Darwin doesn't need to test for readlink/timeout nor Busybox, so this
noticeably improves performance over multiple runs on Darwin.

Linux suffers no additional penalty, since we already ran if $(uname)
every time anyways, and continues to use the more complex
timeout/gtimeout/busybox logic at the (preexisting, unaffected) cost to
performance over multiple runs.

Second, if NOAUTODETECT is set, then the script assumes (and verifies)
that you're providing TIMEOUTBIN and OPENSSLBIN values. If both of those
values are executable files, then the script will proceed, else it will
abort. In this scenario, readlink is unnecessary and is thus unused.

The combination of these two changes will improve performance over
multiple runs both on Darwin and when NOAUTODETECT is set for top1m.
This commit is contained in:
Richard Soderberg 2015-09-03 23:52:58 -07:00
parent 12ede64882
commit 4b87301eb4

View File

@ -18,14 +18,80 @@ if [[ ${BASH_VERSINFO[0]} -lt 4 ]]; then
exit 1 exit 1
fi fi
DIRNAMEPATH=$(dirname "$0") if [[ -n $NOAUTODETECT ]]; then
REALPATH="$DIRNAMEPATH" if ! [[ -f $TIMEOUTBIN && -x $TIMEOUTBIN ]]; then
# make sure this doesn't error out when readlink -f isn't available (OSX) echo "NOAUTODETECT set, but TIMEOUTBIN is not an executable file" 1>&2
readlink -f "$0" &>/dev/null && REALPATH=$(dirname "$(readlink -f "$0")") exit 1
if [[ "$(uname -s)" == "Darwin" ]]; then fi
OPENSSLBIN="${REALPATH}/openssl-darwin64" if ! [[ -f $OPENSSLBIN && -x $OPENSSLBIN ]]; then
echo "NOAUTODETECT set, but OPENSSLBIN is not an executable file" 1>&2
exit 1
fi
else else
OPENSSLBIN="${REALPATH}/openssl" case "$(uname -s)" in
Darwin)
opensslbin_name="openssl-darwin64"
READLINKBIN=$(which greadlink 2>/dev/null)
if [[ -z $READLINKBIN ]]; then
echo "greadlink not found. (try: brew install coreutils)" 1>&2
exit 1
fi
TIMEOUTBIN=$(which gtimeout 2>/dev/null)
if [[ -z $TIMEOUTBIN ]]; then
echo "gtimeout not found. (try: brew install coreutils)" 1>&2
exit 1
fi
;;
*)
opensslbin_name="openssl"
# test that readlink or greadlink (darwin) are present
READLINKBIN="$(which readlink)"
if [[ "$READLINKBIN" == "" ]]; then
READLINKBIN="$(which greadlink)"
if [[ "$READLINKBIN" == "" ]]; then
echo "neither readlink nor greadlink are present. install coreutils with {apt-get,yum,brew} install coreutils" 1>&2
exit 1
fi
fi
# test that timeout or gtimeout (darwin) are present
TIMEOUTBIN="$(which timeout)"
if [[ "$TIMEOUTBIN" == "" ]]; then
TIMEOUTBIN="$(which gtimeout)"
if [[ "$TIMEOUTBIN" == "" ]]; then
echo "neither timeout nor gtimeout are present. install coreutils with {apt-get,yum,brew} install coreutils" 1>&2
exit 1
fi
fi
# Check for busybox, which has different arguments
TIMEOUTOUTPUT="$($TIMEOUTBIN --help 2>&1)"
if [[ "$TIMEOUTOUTPUT" =~ BusyBox ]]; then
TIMEOUTBIN="$TIMEOUTBIN -t"
fi
;;
esac
fi
DIRNAMEPATH=$(dirname "$0")
if [[ -z $OPENSSLBIN ]]; then
readlink_result=$("$READLINKBIN" -f "$0")
if [[ -z $readlink_result ]]; then
echo "$READLINKBIN -f $0 failed, aborting." 1>&2
exit 1
fi
REALPATH=$(dirname "$readlink_result")
if [[ -z $REALPATH ]]; then
echo "dirname $REALPATH failed, aborting." 1>&2
exit 1
fi
OPENSSLBIN="${REALPATH}/${opensslbin_name}"
fi fi
OPENSSLBINHELP="$($OPENSSLBIN s_client -help 2>&1)" OPENSSLBINHELP="$($OPENSSLBIN s_client -help 2>&1)"
if ! [[ $OPENSSLBINHELP =~ -connect ]]; then if ! [[ $OPENSSLBINHELP =~ -connect ]]; then
@ -33,23 +99,6 @@ if ! [[ $OPENSSLBINHELP =~ -connect ]]; then
exit 1 exit 1
fi fi
# test that timeout or gtimeout (darwin) are present
TIMEOUTBIN="$(which timeout)"
if [[ "$TIMEOUTBIN" == "" ]]; then
TIMEOUTBIN="$(which gtimeout)"
if [[ "$TIMEOUTBIN" == "" ]]; then
echo "neither timeout nor gtimeout are present. install coreutils with {apt-get,yum,brew} install coreutils"
exit 1
fi
fi
# Check for busybox, which has different arguments
TIMEOUTOUTPUT="$($TIMEOUTBIN --help 2>&1)"
if [[ "$TIMEOUTOUTPUT" =~ BusyBox ]]; then
TIMEOUTBIN="$TIMEOUTBIN -t"
fi
# use custom config file to enable GOST ciphers # use custom config file to enable GOST ciphers
if [[ -e $DIRNAMEPATH/openssl.cnf ]]; then if [[ -e $DIRNAMEPATH/openssl.cnf ]]; then
export OPENSSL_CONF="$DIRNAMEPATH/openssl.cnf" export OPENSSL_CONF="$DIRNAMEPATH/openssl.cnf"