When I use TLS 1.1 or TLS 1.2 the first request that is send to the server is completely garbage (looks like some random bits from memory rather than a HTTP request). Subsequent requests to the same server work fine. I'm not sure what precisely the issue is but I noted that core_ssl_connect() is written such that httperf can interleave other stuff while connecting. With a more "atomic" connect loop the problem is gone on my test machine: while ((ssl_err = SSL_connect(s->ssl)) == -1) { int reason = SSL_get_error(s->ssl, ssl_err); if (reason != SSL_ERROR_WANT_READ && reason != SSL_ERROR_WANT_WRITE) { fprintf(stderr, "%s: failed to connect to SSL server (err=%d, reason=%d)\n", prog_name, ssl_err, reason); ERR_print_errors_fp(stderr); exit(-1); } }
Maintainer feedback!
A commit references this bug: Author: danfe Date: Sat Dec 7 11:39:36 UTC 2019 New revision: 519200 URL: https://svnweb.freebsd.org/changeset/ports/519200 Log: - Update to the latest GitHub commit: current version is from 2015 and is not compatible with modern OpenSSL implementations - Set PORTVERSION to the version number as reported by `httperf -V' - Increase buffer size in do_recv() to match TLS record size which can be up to 16kB [1] - When using TLS 1.1 or TLS 1.2, the first SSL_connect() may often return error, while subsequent requests work fine -- to mitigate this, try to SSL_connect() a little harder [2] Approved by: maintainer timeout PR: 230680 [1], 230681 [2] Changes: head/benchmarks/httperf/Makefile head/benchmarks/httperf/distinfo head/benchmarks/httperf/files/patch-nossl23 head/benchmarks/httperf/files/patch-src_core.c
Should be fixed per ports r519200, thanks!