Skip to content

Add DefaultMutualHandshakeContext* benchmarks#4277

Merged
LoopedBard3 merged 3 commits intodotnet:mainfrom
rzikm:defaultmutualcontext
Jul 15, 2024
Merged

Add DefaultMutualHandshakeContext* benchmarks#4277
LoopedBard3 merged 3 commits intodotnet:mainfrom
rzikm:defaultmutualcontext

Conversation

@rzikm
Copy link
Member

@rzikm rzikm commented Jun 19, 2024

This PR adds microbenchmarks for mutually authenticated SslStream pair which uses SslStreamCertificateContext on the server side. This allows benchmarking TLS resume with client certificates (supported on Windows, newly supported on Linux in .NET 9 via dotnet/runtime#102656)

@rzikm rzikm requested a review from wfurt June 19, 2024 19:01
@rzikm rzikm mentioned this pull request Jun 19, 2024
Merged
@build-analysis build-analysis bot mentioned this pull request Jun 19, 2024
Closed
3 tasks
@rzikm
Copy link
Member Author

rzikm commented Jun 20, 2024

CI Failures seem to be unrelated.

@rzikm rzikm enabled auto-merge (squash) June 21, 2024 13:11
@rzikm rzikm requested a review from adamsitnik July 9, 2024 08:17
@rzikm rzikm disabled auto-merge July 15, 2024 07:52
@rzikm rzikm closed this Jul 15, 2024
@rzikm rzikm reopened this Jul 15, 2024
adamsitnik
adamsitnik approved these changes Jul 15, 2024
View reviewed changes
Copy link
Member

@adamsitnik adamsitnik left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thank you @rzikm !

src/benchmarks/micro/libraries/System.Net.Security/SslStreamTests.Context.cs
{
await Task.WhenAll(
sslClient.AuthenticateAsClientAsync("localhost", null, SslProtocols.None, checkCertificateRevocation: false),
sslClient.AuthenticateAsClientAsync("localhost", requireClientCert ? new X509CertificateCollection() { _clientCert } : null, SslProtocols.None, checkCertificateRevocation: false),
Copy link
Member

@adamsitnik adamsitnik Jul 15, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just for my education: Why do you want to create a new instance of X509CertificateCollection every time the benchmark is called? Does this reflect typical real-life scenario?

Copy link
Member Author

@rzikm rzikm Jul 15, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wanted to mirror what we do in non-context benchmarks for SslStream.

performance/src/benchmarks/micro/libraries/System.Net.Security/SslStreamTests.cs

Line 130 in b69d1bd

ClientCertificates = requireClientCert ? new X509CertificateCollection() { _clientCert } : null,

Typical real-world scenarios would probably always use the overload accepting Ssl(Client|Server)AuthenticationOptions and reuse a single instance of it for multiple connections, or always create new instance entirely from scratch (as we do in linked source code).

@rzikm
Copy link
Member Author

rzikm commented Jul 15, 2024

@adamsitnik I can't merge this PR because of a failed GH check on performance-ci, I don't think the failures are related to my changes. Can you override it and merge this?

@adamsitnik
Copy link
Member

adamsitnik commented Jul 15, 2024

Can you override it and merge this?

I don't have such permissions anymore.

But @caaavik-msft or @LoopedBard3 or @DrewScoggins should be able to do that.

@LoopedBard3 LoopedBard3 merged commit 0dd22f3 into dotnet:main Jul 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@adamsitnik adamsitnik adamsitnik approved these changes

@wfurt wfurt wfurt approved these changes

@LoopedBard3 LoopedBard3 LoopedBard3 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@rzikm @adamsitnik @wfurt @LoopedBard3