openssl-static

2026-03-12 15:20:52 +01:00 · 2026-03-12 15:20:52 +01:00 · 3ef86c3593
commit 3ef86c3593
parent 76c1b9c08c
3 changed files with 130 additions and 92 deletions
--- a/exp.py
+++ b/exp.py
@ -72,11 +72,11 @@ CONFIGS = {
 	# i7-4790 -> pi3
 	"pi3": {
 		"experiments": [
-			"impl-cipher-ver",
-			"impl-cert-ver",
-			"impl-kex-ver",
-			"zrtt",
-			#"realistic"
+			#"impl-cipher-ver",
+			#"impl-cert-ver",
+			#"impl-kex-ver",
+			#"zrtt",
+			"realistic"
 		],
 		"sides": [
 			"client",
@ -106,38 +106,6 @@ CONFIGS = {
 		"notify_listen": ("0.0.0.0", 8090),
 		"notify_addr": "192.168.3.1:8090",
 	},
-	"pi3-local": {
-		"experiments": [
-			"impl-cipher-ver",
-			"impl-cert-ver",
-			"impl-kex-ver",
-		],
-		"sides": [
-			"client",
-			"server",
-		],
-		"tls": [
-			False,
-			True,
-		],
-		"records": [
-			{ "filename": "wikipedia", "repeat": 5 },
-		],
-		"repo_dir": "/home/exp/exp",
-		"exp_dir": "/dev/shm/exp",
-		"log_backup_dir": "/home/exp",
-		"local_addr": "127.0.0.1",
-		"remote_addr": "127.0.0.1",
-		"remote_repo_dir": "/home/exp/exp",
-		"wattmeter": False,
-		"perf": True,
-		"rapl": False,
-		"sa": True,
-		"perf_dir": "/home/exp/.cache/exp",
-		"listen_port": 8080,
-		"notify_listen": ("127.0.0.1", 8090),
-		"notify_addr": "127.0.0.1:8090",
-	},
 	# i7-4790 -> core2
 	"core2": {
 		"experiments": [
@ -242,7 +210,7 @@ CONFIGS = {
 		"notify_listen": ("0.0.0.0", 8090),
 		"notify_addr": "192.168.3.1:8090",
 		"ld_preload": {
-			"openssl": "/home/tuxmain/reps/tlsbench/libssl.so.3:/home/tuxmain/reps/tlsbench/libcrypto.so.3",
+			"openssl": "/home/tuxmain/reps/tlsbench/libssl.so:/home/tuxmain/reps/tlsbench/libcrypto.so",
 		}
 	},
 	"i5-local": {
@ -291,7 +259,7 @@ CONFIGS = {
 			True,
 		],
 		"records": [
-			{ "filename": "wikipedia", "repeat": 400 },
+			{ "filename": "wikipedia", "repeat": 12000 },
 		],
 		"repo_dir": "/home/pengelib/tlsbench",
 		"exp_dir": "/dev/shm/exp",
@ -306,7 +274,7 @@ CONFIGS = {
 		"rapl": False,
 		"sa": False,
 		"listen_port": 8080,
-		"idle": "idle - - - - - - - - - 1772205368.593937 1772206568.6941307 1200.1001937389374 0 298843 2217803 0 0 -",#TODO
+		"idle": "idle - - - - - - - - - 1772205368.593937 1772206568.6941307 1200.1001937389374 0 298843 2217803 16.6 0 -",
 		"notify_listen": ("0.0.0.0", 8090),
 		"notify_addr": "TODO:8090",
 		"ld_preload": {
@ -370,6 +338,7 @@ IMPLS = [
 	#"boring", # Google's fork of OpenSSL used in Chrome and Android
 	#"graviola", # New crypto in Rust
 	"openssl", # widely used
+	#"openssl-static",
 	#"ring", # used in most Rust stuff
 	#"symcrypt", # Microsoft's crypto
 	#"wolfcrypt" # used in embedded (won't build with rpxy for now)
@ -406,9 +375,9 @@ EXPERIMENTS = {
 			"AES_128_GCM_SHA256",
 			"AES_256_GCM_SHA384",
 			"CHACHA20_POLY1305_SHA256",
-			#"ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,ECDHE_RSA_WITH_AES_128_GCM_SHA256",
-			#"ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,ECDHE_RSA_WITH_AES_256_GCM_SHA384",
-			#"ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
+			"ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+			"ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+			"ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
 		],
 		"kexes": ["X25519"],
 		"cert": ["prime256v1"],
@ -419,7 +388,7 @@ EXPERIMENTS = {
 		"impls": IMPLS,
 		"ciphers": [
 			"AES_128_GCM_SHA256",
-			#"ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+			"ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,ECDHE_RSA_WITH_AES_128_GCM_SHA256",
 		],
 		"kexes": ["X25519"],
 		"cert": [
@ -436,7 +405,7 @@ EXPERIMENTS = {
 		"impls": IMPLS,
 		"ciphers": [
 			"AES_128_GCM_SHA256",
-			#"ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+			"ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,ECDHE_RSA_WITH_AES_128_GCM_SHA256",
 		],
 		"kexes": [
 			"X25519",
@ -505,9 +474,9 @@ def alg_filter(kex, cert, cipher, impl):
 	if "MLKEM" in kex and "WITH" in cipher:
 		# WITH means TLS1.2
 		return False
-	if "MLKEM" in kex and impl != "openssl" and impl != "aws-lc" and impl != "graviola":
+	if "MLKEM" in kex and "openssl" not in impl and impl != "aws-lc" and impl != "graviola":
 		return False
-	if kex == "SECP256R1MLKEM768" and impl == "openssl":
+	if kex == "SECP256R1MLKEM768" and "openssl" in impl:
 		return False
 	if cert == "secp384r1" and impl == "boring":
 		return False
@ -515,7 +484,7 @@ def alg_filter(kex, cert, cipher, impl):
 		return False
 	if kex == "MLKEM768" and impl == "graviola":
 		return False
-	if cipher == "ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,ECDHE_RSA_WITH_AES_256_GCM_SHA384" and impl == "openssl":
+	if cipher == "ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,ECDHE_RSA_WITH_AES_256_GCM_SHA384" and "openssl" in impl:
 		return False
 	return True