portal/tls in vbench app test

vbench app now supports tls via config file (dumpurl app still
plaintext only).

8 files changed, 127 insertions, 41 deletions

diff --git a/vbench/src/tests/app_vbench/.gitignore b/vbench/src/tests/app_vbench/.gitignore
index 37e7b548d05..40552befdd9 100644
--- a/vbench/src/tests/app_vbench/.gitignore
+++ b/vbench/src/tests/app_vbench/.gitignore
@@ -1,4 +1,10 @@
 /vbench.cfg.template
 /vbench.cfg
 /vbench.out
-vbench_app_vbench_test_app
+/vbench.tls.cfg.template
+/vbench.tls.cfg
+/vbench.tls.out
+/ca_certs.pem
+/certs.pem
+/test.key
+/vbench_app_vbench_test_app
diff --git a/vbench/src/tests/app_vbench/CMakeLists.txt b/vbench/src/tests/app_vbench/CMakeLists.txt
index b246fd2f1fd..5f32524905b 100644
--- a/vbench/src/tests/app_vbench/CMakeLists.txt
+++ b/vbench/src/tests/app_vbench/CMakeLists.txt
@@ -8,3 +8,4 @@ vespa_add_executable(vbench_app_vbench_test_app TEST
 )
 vespa_add_test(NAME vbench_app_vbench_test_app NO_VALGRIND COMMAND vbench_app_vbench_test_app)
 configure_file(vbench.cfg.template.template vbench.cfg.template @ONLY)
+configure_file(vbench.tls.cfg.template.template vbench.tls.cfg.template @ONLY)
diff --git a/vbench/src/tests/app_vbench/app_vbench_test.cpp b/vbench/src/tests/app_vbench/app_vbench_test.cpp
index 00645045fb3..6e396caa2e5 100644
--- a/vbench/src/tests/app_vbench/app_vbench_test.cpp
+++ b/vbench/src/tests/app_vbench/app_vbench_test.cpp
@@ -3,30 +3,31 @@
 #include <vbench/test/all.h>
 #include <vespa/vespalib/util/slaveproc.h>
 #include <vespa/vespalib/net/crypto_engine.h>
+#include <vespa/vespalib/net/tls/tls_crypto_engine.h>
+#include <vespa/vespalib/test/make_tls_options_for_testing.h>
+#include <vespa/vespalib/portal/portal.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
 
 using namespace vbench;
 using vespalib::SlaveProc;
 
 using InputReader = vespalib::InputReader;
 using OutputWriter = vespalib::OutputWriter;
+using Portal = vespalib::Portal;
 
 auto null_crypto = std::make_shared<vespalib::NullCryptoEngine>();
+auto tls_opts = vespalib::test::make_tls_options_for_testing();
+auto tls_crypto = std::make_shared<vespalib::TlsCryptoEngine>(tls_opts);
 
-bool endsWith(const Memory &mem, const string &str) {
-    return (mem.size < str.size()) ? false
-        : (strncmp(mem.data + mem.size - str.size(), str.data(), str.size()) == 0);
-}
-
-void readUntil(Input &input, SimpleBuffer &buffer, const string &end) {
-    InputReader in(input);
-    while (!endsWith(buffer.get(), end)) {
-        char c = in.read();
-        if (in.failed()) {
-            return;
-        }
-        buffer.reserve(1).data[0] = c;
-        buffer.commit(1);
-    }
+void write_file(const vespalib::string &file_name, const vespalib::string &content) {
+    int fd = creat(file_name.c_str(), 0600);
+    ASSERT_TRUE(fd >= 0);
+    ssize_t res = write(fd, content.data(), content.size());
+    ASSERT_EQUAL(res, ssize_t(content.size()));
+    int res2 = close(fd);
+    ASSERT_EQUAL(res2, 0);
 }
 
 TEST("vbench usage") {
@@ -35,29 +36,46 @@ TEST("vbench usage") {
     fprintf(stderr, "%s\n", out.c_str());
 }
 
-TEST_MT_F("run vbench", 2, ServerSocket()) {
+struct MyGet : vespalib::Portal::GetHandler {
+    std::atomic<size_t> cnt;
+    void get(vespalib::Portal::GetRequest request) override {
+        ++cnt;
+        request.respond_with_content("text/plain", "data");
+    };
+};
+
+struct Servers {
+    MyGet my_get;
+    MyGet my_tls_get;
+    Portal::SP portal;
+    Portal::SP tls_portal;
+    Portal::Token::UP root;
+    Portal::Token::UP tls_root;
+    Servers() : my_get(), my_tls_get(),
+                portal(Portal::create(null_crypto, 0)),
+                tls_portal(Portal::create(tls_crypto, 0)),
+                root(portal->bind("/", my_get)),
+                tls_root(tls_portal->bind("/", my_tls_get))
+    {
+        write_file("ca_certs.pem", tls_opts.ca_certs_pem());
+        write_file("certs.pem", tls_opts.cert_chain_pem());
+        write_file("test.key", tls_opts.private_key_pem());
+    }
+};
+
+TEST_MT_F("run vbench", 2, Servers()) {
     if (thread_id == 0) {
-        for (;;) {
-            Stream::UP stream = f1.accept(*null_crypto);
-            if (stream.get() == 0) {
-                break;
-            }
-            SimpleBuffer ignore;
-            readUntil(*stream, ignore, "\r\n\r\n");
-            OutputWriter out(*stream, 256);
-            out.write("HTTP/1.1 200\r\n");
-            out.write("content-length: 4\r\n");
-            out.write("X-Yahoo-Vespa-NumHits 10\r\n");
-            out.write("X-Yahoo-Vespa-TotalHitCount 100\r\n");
-            out.write("\r\n");
-            out.write("data");
-        }
-    } else {
         std::string out;
-        EXPECT_TRUE(SlaveProc::run(strfmt("sed 's/_LOCAL_PORT_/%d/' vbench.cfg.template > vbench.cfg", f1.port()).c_str()));
+        EXPECT_TRUE(SlaveProc::run(strfmt("sed 's/_LOCAL_PORT_/%d/' vbench.cfg.template > vbench.cfg", f1.portal->listen_port()).c_str()));
         EXPECT_TRUE(SlaveProc::run("../../apps/vbench/vbench_app run vbench.cfg 2> vbench.out", out));
-        fprintf(stderr, "%s\n", out.c_str());
-        f1.close();
+        fprintf(stderr, "null crypto: %s\n", out.c_str());
+        EXPECT_EQUAL(f1.my_get.cnt, 144u);
+    } else {
+        std::string tls_out;
+        EXPECT_TRUE(SlaveProc::run(strfmt("sed 's/_LOCAL_PORT_/%d/' vbench.tls.cfg.template > vbench.tls.cfg", f1.tls_portal->listen_port()).c_str()));
+        EXPECT_TRUE(SlaveProc::run("../../apps/vbench/vbench_app run vbench.tls.cfg 2> vbench.tls.out", tls_out));
+        fprintf(stderr, "tls crypto: %s\n", tls_out.c_str());
+        EXPECT_EQUAL(f1.my_tls_get.cnt, 144u);
     }
 }
 
diff --git a/vbench/src/tests/app_vbench/input.txt b/vbench/src/tests/app_vbench/input.txt
index c9a57e7a555..1750435c3c3 100644
--- a/vbench/src/tests/app_vbench/input.txt
+++ b/vbench/src/tests/app_vbench/input.txt
@@ -1,3 +1,4 @@
+/aaa
 /foo
 /foo
 /foo
@@ -68,5 +69,4 @@
 /foo
 /foo
 /foo
-/foo
-/foo
+/zzz
diff --git a/vbench/src/tests/app_vbench/vbench.tls.cfg.template.template b/vbench/src/tests/app_vbench/vbench.tls.cfg.template.template
new file mode 100644
index 00000000000..48603998de5
--- /dev/null
+++ b/vbench/src/tests/app_vbench/vbench.tls.cfg.template.template
@@ -0,0 +1,30 @@
+{
+    http_threads: 32,
+    inputs: [
+        {
+            source: { type: 'RequestGenerator', file: '@CMAKE_CURRENT_SOURCE_DIR@/input.txt' },
+            prepare: [
+                { type: 'ServerTagger', host: 'localhost', port:_LOCAL_PORT_ },
+                { type: 'QpsTagger', qps: 10 }
+            ]
+        },
+        {
+            source: { type: 'RequestGenerator', file: '@CMAKE_CURRENT_SOURCE_DIR@/input.txt' },
+            prepare: [
+                { type: 'ServerTagger', host: 'localhost', port:_LOCAL_PORT_ },
+                { type: 'QpsTagger', qps: 10 }
+            ]
+        }
+    ],
+    analyze: [
+        { type: 'IgnoreBefore', time: 1.0 },
+        { type: 'QpsAnalyzer' },
+        { type: 'LatencyAnalyzer' },
+        { type: 'RequestDumper' }
+    ],
+    tls: {
+        ca-certificates: 'ca_certs.pem',
+        certificates:    'certs.pem',
+        private-key:     'test.key'
+    }
+}
diff --git a/vbench/src/vbench/core/time_queue.hpp b/vbench/src/vbench/core/time_queue.hpp
index 4e841e269d5..4a70e258935 100644
--- a/vbench/src/vbench/core/time_queue.hpp
+++ b/vbench/src/vbench/core/time_queue.hpp
@@ -58,7 +58,7 @@ TimeQueue<T>::extract(double time, std::vector<std::unique_ptr<T> > &list, doubl
     }
     guard.broadcast();
     delay = _queue.empty() ? _tick : (_queue.front().time - time);
-    return (!_closed || !_queue.empty());
+    return (!_closed || !_queue.empty() || !list.empty());
 }
 
 } // namespace vbench
diff --git a/vbench/src/vbench/vbench/request_scheduler.cpp b/vbench/src/vbench/vbench/request_scheduler.cpp
index 40e0632e07c..e12d89c1c04 100644
--- a/vbench/src/vbench/vbench/request_scheduler.cpp
+++ b/vbench/src/vbench/vbench/request_scheduler.cpp
@@ -63,7 +63,6 @@ RequestScheduler &
 RequestScheduler::stop()
 {
     _queue.close();
-    _thread.stop();
     return *this;
 }
 
diff --git a/vbench/src/vbench/vbench/vbench.cpp b/vbench/src/vbench/vbench/vbench.cpp
index 35e638ba3af..f04b3bcca7f 100644
--- a/vbench/src/vbench/vbench/vbench.cpp
+++ b/vbench/src/vbench/vbench/vbench.cpp
@@ -1,9 +1,41 @@
 // Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 
 #include "vbench.h"
+#include <vespa/vespalib/util/exceptions.h>
+#include <vespa/vespalib/net/tls/tls_crypto_engine.h>
 
 namespace vbench {
 
+namespace {
+
+using IllArg = vespalib::IllegalArgumentException;
+
+string maybe_load(const vespalib::slime::Inspector &file_ref) {
+    if (file_ref.valid()) {
+        string file_name = file_ref.asString().make_string();
+        vespalib::MappedFileInput file(file_name);
+        if (file.valid()) {
+            return string(file.get().data, file.get().size);
+        } else {
+            throw IllArg(strfmt("could not load file: '%s'", file_name.c_str()));
+        }
+    }
+    return "";
+}
+
+CryptoEngine::SP setup_crypto(const vespalib::slime::Inspector &tls) {
+    if (!tls.valid()) {
+        return std::make_shared<vespalib::NullCryptoEngine>();
+    }
+    vespalib::net::tls::TransportSecurityOptions
+        tls_opts(maybe_load(tls["ca-certificates"]),
+                 maybe_load(tls["certificates"]),
+                 maybe_load(tls["private-key"]));
+    return std::make_shared<vespalib::TlsCryptoEngine>(tls_opts);
+}
+
+} // namespace vbench::<unnamed>
+
 VBench::VBench(const vespalib::Slime &cfg)
     : _factory(),
       _analyzers(),
@@ -11,7 +43,7 @@ VBench::VBench(const vespalib::Slime &cfg)
       _inputs(),
       _taint()
 {
-    CryptoEngine::SP crypto = std::make_shared<vespalib::NullCryptoEngine>();
+    CryptoEngine::SP crypto = setup_crypto(cfg.get()["tls"]);
     _analyzers.push_back(Analyzer::UP(new RequestSink()));
     vespalib::slime::Inspector &analyzers = cfg.get()["analyze"];
     for (size_t i = analyzers.children(); i-- > 0; ) {