uNetworking / uSockets

Miniscule cross-platform eventing, networking & crypto for async applications
Apache License 2.0
1.29k stars 267 forks source link

hammer_test fails when running with openssl #146

Closed epsilon-0 closed 3 years ago

epsilon-0 commented 3 years ago

This is after a small fix to load the correct certificates -

--- a/examples/hammer_test.c                                                                                                                                                  
+++ b/examples/hammer_test.c                                                                                                                                                  
@@ -403,9 +403,8 @@ int main() {                                                                                                                                              

     // these are ignored for non-SSL                                                                                                                                         
     struct us_socket_context_options_t options = {};                                                                                                                         
-    options.key_file_name = "/home/alexhultman/uWebSockets.js/misc/key.pem";                                                                                                 
-    options.cert_file_name = "/home/alexhultman/uWebSockets.js/misc/cert.pem";                                                                                               
-    options.passphrase = "1234";                                                                                                                                             
+    options.key_file_name = "key.pem";                                                                                                                                 
+    options.cert_file_name = "cert.pem";                                                                                                                                

     http_context = us_create_socket_context(SSL, loop, sizeof(struct http_context), options);                                                                                

where I generated the certificates with

openssl req -x509 -out cert.pem -keyout key.pem -newkey rsa:2048 -nodes -sha256 -subj '/CN=localhost' -extensions EXT -config localhost.conf

and the localhost.conf contains

[dn]
CN=localhost
[req]
distinguished_name = dn
[EXT]
subjectAltName=DNS:localhost
keyUsage=digitalSignature
extendedKeyUsage=serverAuth

After these changes, when built with openssl, the failure starts happening at around 57-60%, its a bit random and not exactly at the same percentage.

ghost commented 3 years ago

What is a failure here?

epsilon-0 commented 3 years ago

Ah sorry, the error message says -

Running hammer test
 58% [||||||||||||||||||||||||||||||||||                          ]FAILED TO START CONNECTION, WILL EXIT NOW
epsilon-0 commented 3 years ago

OK, after some digging, I've managed to figure out that this is exhausting the number of file descriptors allowed for a user. Extending the limits for the user allowed all tests to pass!

But also, not quite sure why does the SSL enabled build need so many more file descriptors (!?).

epsilon-0 commented 3 years ago

As an addendum, after getting it to work on Gentoo, I also tried building it on OpenBSD (with libuv) and it seems like it is working nicely with LibreSSL as well. I seem to remember that there was an issue asking to support LibreSSL and it turns out that it works out of the box, just as a note for other users. :heart: