diff --git a/README.md b/README.md index 5390f74..b27afe7 100644 --- a/README.md +++ b/README.md @@ -366,6 +366,25 @@ sudo chown root powercap sudo chmod u+s powercap ``` +### Grid5000 + +```bash +ssh lyon.g5k +oarsub -q default -l host=2,walltime=2 -I +# Check the name of the other node in https://intranet.grid5000.fr/oar/Lyon/drawgantt-svg/ +# Let's call them p1 and p2 +ping p2 +# Note p2 addr to exp.py +pip3 install fabric +python exp.py make g5k -c +python exp.py send g5k + +# Notes +scp /lib/x86_64-linux-gnu/libssl.so.3.6 lyon.g5k:~/ +scp /lib/x86_64-linux-gnu/libcrypto.so.3.6 lyon.g5k:~/ +LD_PRELOAD="/home/pengelib/tlsbench/libssl.so.3.6 /home/pengelib/tlsbench/libcrypto.so.3.6" ./netreplay --help +``` + ## Problems ### Youtube diff --git a/exp.py b/exp.py index 0e10a34..c7aab73 100644 --- a/exp.py +++ b/exp.py @@ -194,7 +194,7 @@ CONFIGS = { "server", ], "records": [ - { "filename": "wikipedia", "repeat": 500 }, + { "filename": "wikipedia", "repeat": 2000 }, ], "repodir": "/home/tuxmain/reps/tlsbench", "expdir": "/dev/shm/exp", @@ -240,6 +240,37 @@ CONFIGS = { "p3_port_plain": 8080, "p3_port_tls": 8443, }, + "g5k": { + "experiments": [ + "impl-cipher-ver", + "impl-cert-ver", + "impl-kex-ver", + "zrtt", + ], + "setups": [ + "none", + "client", + "server", + ], + "records": [ + { "filename": "wikipedia", "repeat": 400 }, + ], + "repodir": "/home/pengelib/tlsbench", + "expdir": "/dev/shm/exp", + "log_backup_dir": "/home/pengelib", + "p2_hostname": "nova-6", + "p2_addr": "172.16.52.6", + "p2_ssh": "pengelib@nova-6", + "p2_psw": None, + "p2_repodir": "/home/pengelib/tlsbench", + "wattmeter": False, + "perf": False, + "rapl": False, + "p3_suffix": "", + "p3_port_plain": 8080, + "p3_port_tls": 8443, + "idle": "idle - - - - - - - 600.000194311142 0.0 1822 6541 1.3880000000000052 304283035 -",#TODO + }, } # Wildcard subdomains are used only for certificates. @@ -423,8 +454,8 @@ def alg_filter(kex, cert, cipher, impl): return False if kex == "MLKEM768" and impl == "graviola": return False - #if cipher == "ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,ECDHE_RSA_WITH_AES_256_GCM_SHA384" and impl == "openssl": - # return False + if cipher == "ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,ECDHE_RSA_WITH_AES_256_GCM_SHA384" and impl == "openssl": + return False return True DOMAINS = [] diff --git a/makecerts.py b/makecerts.py new file mode 100644 index 0000000..4c48743 --- /dev/null +++ b/makecerts.py @@ -0,0 +1,13 @@ +# Get certificates from domains and make a similar chain. + +import OpenSSL +import ssl + +def get_server_cert(domain, port=443): + cert_pem = ssl.get_server_certificate((domain, port)) + cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, cert_pem) + for i in range(cert.get_extension_count()): + ext = cert.get_extension(i) + ext_name = ext.get_short_name() + if ext_name == "": + return cert diff --git a/plots.py b/plots.py index 64cd9eb..732d8cf 100644 --- a/plots.py +++ b/plots.py @@ -341,13 +341,19 @@ def cmp_versions(logs, exps, criteria, objs): val12 = float(log12[COL[obj]]) - idle_val[obj] * float(log12["time"]) val13 = float(log13[COL[obj]]) - idle_val[obj] * float(log13["time"]) # Difference relative to the mean of the two values - diff_rel = abs(val12 - val13) / ((val12 + val13) / 2) + try: + diff_rel = abs(val12 - val13) / ((val12 + val13) / 2) + except ZeroDivisionError: + continue diff_rel_max[obj] = max(diff_rel_max[obj], diff_rel) diff_rel_sum[obj] += diff_rel diff_rel_num[obj] += 1 - diff_rel_avg = {obj:diff_rel_sum[obj]/diff_rel_num[obj] for obj in objs} print("Diff rel max: ", diff_rel_max) - print("Diff rel avg: ", diff_rel_avg) + try: + diff_rel_avg = {obj:diff_rel_sum[obj]/diff_rel_num[obj] for obj in objs} + print("Diff rel avg: ", diff_rel_avg) + except ZeroDivisionError: + pass def getargv(arg:str, default="", n:int=1, args:list=sys.argv): if arg in args and len(args) > args.index(arg)+n: