Skip to content

Instantly share code, notes, and snippets.

Native tls fails cert auth

collecting stats with bpftrace
{"pid":67630,"driver":"/home/ec2-user/bin/s2n-netbench-driver-client-native-tls","scenario":"/home/ec2-user/bin/request_response_multi_20_incast_1GB_req_resp.json","start_time":{"secs_since_epoch":1707957073,"nanos_since_epoch":91859932},"traces":["lbl","request","response"]}
> Attaching 14 probes...
{"t":0,"memory":2494464000,"virtual_memory":10850304000}
Error: Ssl(Error { code: ErrorCode(1), cause: Some(Ssl(ErrorStack([Error { code: 167772294, library: "SSL routines", function: "tls_post_process_server_certificate", reason: "certificate verify failed", file: "ssl/statem/statem_clnt.c", line: 2091 }]))) }, X509VerifyResult { code: 62, error: "hostname mismatch" })
{"t":0,"memory":2494464000,"virtual_memory":10850304000,"syscalls":592,"allocs":{"count":46709,"total":7038380},"reallocs":{"count":547,"total":129465},"deallocs":{"count":648,"total":452627}}
> cross tree --target i686-unknown-linux-gnu > tree
1.71.1-x86_64-unknown-linux-gnu unchanged - rustc 1.71.1 (eb26296b5 2023-08-03)
s2n-codec v0.32.0 (/home/toidiu/projects/s2n-quic/common/s2n-codec)
├── bolero-generator v0.10.1
│ ├── bolero-generator-derive v0.10.0 (proc-macro)
│ │ ├── proc-macro-crate v1.3.1
│ │ │ ├── once_cell v1.19.0
s2n-tls-sys v0.1.2 (/Users/apoorvko/projects/fresh/s2n-tls/bindings/rust/s2n-tls-sys)
├── aws-lc-sys v0.12.1
│ ├── libc v0.2.152
│ └── paste v1.0.14 (proc-macro)
│ [build-dependencies]
│ ├── bindgen v0.68.1
│ │ ├── bitflags v2.4.2
│ │ ├── cexpr v0.6.0
│ │ │ └── nom v7.1.3
│ │ │ ├── memchr v2.7.1
@toidiu
toidiu / ktls_sw_server_enable_disable_server_tx.json
Last active November 9, 2022 08:30
server ktls enable and disable, server sending 4GB in a network limited in a 20ms RTT ec2<>ec2
{"$schema":"https://vega.github.io/schema/vega/v5.json","axes":[{"format":"%ss","formatType":"time","orient":"top","scale":"scale$x"},{"format":"%ss","formatType":"time","orient":"bottom","scale":"scale$x"},{"format":"~s","orient":"left","scale":"scale$statValue","title":{"signal":"ui$view"}}],"config":{"axis":{"grid":true,"gridColor":"#ccc","gridOpacity":1,"gridWidth":0.5,"labelPadding":10,"tickSize":5,"tickWidth":0.5},"background":"#fff","legend":{"labelBaseline":"middle","labelFontSize":11,"symbolSize":50,"symbolType":"square"}},"data":[{"name":"data$stats","values":[{"p":0,"s":0,"x":0,"y":0.0},{"p":0,"s":1,"x":0,"y":6127616000.0},{"p":0,"s":2,"x":0,"y":75894784000.0},{"p":0,"s":3,"x":0,"y":0.0},{"p":0,"s":4,"x":0,"y":0.0},{"p":0,"s":5,"x":0,"y":0.0},{"p":0,"s":6,"x":0,"y":0.0},{"p":0,"s":7,"x":0,"y":0.0},{"p":0,"s":8,"x":0,"y":0.0},{"p":0,"s":9,"x":0,"y":0.0},{"p":0,"s":10,"x":0,"y":0.0},{"p":0,"s":11,"x":0,"y":0.0},{"p":0,"s":12,"x":0,"y":0.0},{"p":0,"s":13,"x":0,"y":0.0},{"p":0,"s":14,"x":0,"y":0.0},{"p
@toidiu
toidiu / ktls_sw_server_client_enable_disable_tx.json
Last active November 8, 2022 20:04
ktls sw, tx. server ktls is enable and disable. measured at the server. (client behavior is ktls_diable) tx then rx... (client behavior is ktls_enable) tx then rx...
{"$schema":"https://vega.github.io/schema/vega/v5.json","axes":[{"format":"%ss","formatType":"time","orient":"top","scale":"scale$x"},{"format":"%ss","formatType":"time","orient":"bottom","scale":"scale$x"},{"format":"~s","orient":"left","scale":"scale$statValue","title":{"signal":"ui$view"}}],"config":{"axis":{"grid":true,"gridColor":"#ccc","gridOpacity":1,"gridWidth":0.5,"labelPadding":10,"tickSize":5,"tickWidth":0.5},"background":"#fff","legend":{"labelBaseline":"middle","labelFontSize":11,"symbolSize":50,"symbolType":"square"}},"data":[{"name":"data$stats","values":[{"p":0,"s":0,"x":0,"y":0.0},{"p":0,"s":1,"x":0,"y":6283264000.0},{"p":0,"s":2,"x":0,"y":75894784000.0},{"p":0,"s":3,"x":0,"y":0.0},{"p":0,"s":4,"x":0,"y":0.0},{"p":0,"s":5,"x":0,"y":0.0},{"p":0,"s":6,"x":0,"y":0.0},{"p":0,"s":7,"x":0,"y":0.0},{"p":0,"s":8,"x":0,"y":0.0},{"p":0,"s":9,"x":0,"y":0.0},{"p":0,"s":10,"x":0,"y":0.0},{"p":0,"s":11,"x":0,"y":0.0},{"p":0,"s":12,"x":0,"y":0.0},{"p":0,"s":13,"x":0,"y":0.0},{"p":0,"s":14,"x":0,"y":0.0},{"p
Summary:
- execute run.sh to build and test with Make
- the others are individual commands set and use different libcrypto providers and GCC versions
----------------------------
OS requirements: `cat /etc/os-release`
NAME="Ubuntu"
VERSION="18.04.6 LTS (Bionic Beaver)"
ID=ubuntu
time cwnd
0 2
1 2
2 2
3 2
4 2
5 2
6 2
7 2
8 2
@toidiu
toidiu / vary_ack_threshold_local_laptop_desktop.json
Last active June 16, 2022 17:51
(laptop<>desktop). delay 13-30ms when running netbench, 5-300ms when not. number specifies server packet threshold and client varies 2,10,30,60,80,100.
{"$schema":"https://vega.github.io/schema/vega/v5.json","axes":[{"format":"%ss","formatType":"time","orient":"top","scale":"scale$x"},{"format":"%ss","formatType":"time","orient":"bottom","scale":"scale$x"},{"format":"~s","orient":"left","scale":"scale$statValue","title":{"signal":"ui$view"}}],"config":{"axis":{"grid":true,"gridColor":"#ccc","gridOpacity":1,"gridWidth":0.5,"labelPadding":10,"tickSize":5,"tickWidth":0.5},"background":"#fff","legend":{"labelBaseline":"middle","labelFontSize":11,"symbolSize":50,"symbolType":"square"}},"data":[{"name":"data$stats","values":[{"p":0,"s":0,"x":0,"y":0.0},{"p":0,"s":1,"x":0,"y":1636000.0},{"p":0,"s":2,"x":0,"y":8704000000.0},{"p":0,"s":3,"x":0,"y":0.0},{"p":0,"s":4,"x":0,"y":0.0},{"p":0,"s":5,"x":0,"y":0.0},{"p":0,"s":6,"x":0,"y":0.0},{"p":0,"s":7,"x":0,"y":0.0},{"p":0,"s":8,"x":0,"y":0.0},{"p":0,"s":9,"x":0,"y":0.0},{"p":0,"s":10,"x":0,"y":0.0},{"p":0,"s":11,"x":0,"y":0.0},{"p":0,"s":12,"x":0,"y":0.0},{"p":0,"s":13,"x":0,"y":0.0},{"p":0,"s":14,"x":0,"y":0.0},{"p":0,
@toidiu
toidiu / vary_ack_threshold_100_and_50_percent_cpu.json
Created June 16, 2022 08:02
(desktop<>desktop). measure on server. cpu 100% and 50%. server is packet threshold 10. client varies 2,10,30,60,80,100
{"$schema":"https://vega.github.io/schema/vega/v5.json","axes":[{"format":"%ss","formatType":"time","orient":"top","scale":"scale$x"},{"format":"%ss","formatType":"time","orient":"bottom","scale":"scale$x"},{"format":"~s","orient":"left","scale":"scale$statValue","title":{"signal":"ui$view"}}],"config":{"axis":{"grid":true,"gridColor":"#ccc","gridOpacity":1,"gridWidth":0.5,"labelPadding":10,"tickSize":5,"tickWidth":0.5},"background":"#fff","legend":{"labelBaseline":"middle","labelFontSize":11,"symbolSize":50,"symbolType":"square"}},"data":[{"name":"data$stats","values":[{"p":0,"s":0,"x":0,"y":0.0},{"p":0,"s":1,"x":0,"y":1492000.0},{"p":0,"s":2,"x":0,"y":8704000000.0},{"p":0,"s":3,"x":0,"y":0.0},{"p":0,"s":4,"x":0,"y":0.0},{"p":0,"s":5,"x":0,"y":0.0},{"p":0,"s":6,"x":0,"y":0.0},{"p":0,"s":7,"x":0,"y":0.0},{"p":0,"s":8,"x":0,"y":0.0},{"p":0,"s":9,"x":0,"y":0.0},{"p":0,"s":10,"x":0,"y":0.0},{"p":0,"s":11,"x":0,"y":0.0},{"p":0,"s":12,"x":0,"y":0.0},{"p":0,"s":13,"x":0,"y":0.0},{"p":0,"s":14,"x":0,"y":0.0},{"p":0,
@toidiu
toidiu / vary_ack_threshold_50_percent_cpu.json
Created June 16, 2022 06:25
(desktop<>desktop). measured on server. limit cpu on server to 50% using cpulimt. number represents server packet threshold. vary client packet threshold 2,30,60,80,100
{"$schema":"https://vega.github.io/schema/vega/v5.json","axes":[{"format":"%ss","formatType":"time","orient":"top","scale":"scale$x"},{"format":"%ss","formatType":"time","orient":"bottom","scale":"scale$x"},{"format":"~s","orient":"left","scale":"scale$statValue","title":{"signal":"ui$view"}}],"config":{"axis":{"grid":true,"gridColor":"#ccc","gridOpacity":1,"gridWidth":0.5,"labelPadding":10,"tickSize":5,"tickWidth":0.5},"background":"#fff","legend":{"labelBaseline":"middle","labelFontSize":11,"symbolSize":50,"symbolType":"square"}},"data":[{"name":"data$stats","values":[{"p":0,"s":0,"x":0,"y":0.0},{"p":0,"s":1,"x":0,"y":1552000.0},{"p":0,"s":2,"x":0,"y":8851456000.0},{"p":0,"s":3,"x":0,"y":0.0},{"p":0,"s":4,"x":0,"y":0.0},{"p":0,"s":5,"x":0,"y":0.0},{"p":0,"s":6,"x":0,"y":0.0},{"p":0,"s":7,"x":0,"y":0.0},{"p":0,"s":8,"x":0,"y":0.0},{"p":0,"s":9,"x":0,"y":0.0},{"p":0,"s":10,"x":0,"y":0.0},{"p":0,"s":11,"x":0,"y":0.0},{"p":0,"s":12,"x":0,"y":0.0},{"p":0,"s":13,"x":0,"y":0.0},{"p":0,"s":14,"x":0,"y":0.0},{"p":0,