堆栈内存溢出
  简体   繁体   English

SSL_accept需要200毫秒(C / openssl)

[英]SSL_accept takes 200ms (c / openssl)

 原文  2012-09-07 07:51:26       c++/ ssl/ openssl

问题描述

Is it normal that SSL_accept(ssl) takes 200 ms? SSL_accept(ssl)占用200毫秒是否正常?

Running as a windows service, written in c++, using MFC and Boost. 使用MFC和Boost,以c ++编写为Windows服务运行。 Running on an intel xeon e5620 2.4G, with 4GB memory, and Win 7 Pro. 在具有4GB内存的Intel xeon e5620 2.4G和Win 7 Pro上运行。

Following is my code. 以下是我的代码。 I meanwhile suspected that maybe other methods before SSL_accept (SSL_CTX_* RAND_* etc) might consume long time , but I logged everthing and discovered that SSL_accept is eating all the time. 同时,我怀疑SSL_accept之前的其他方法(SSL_CTX_ * RAND_ *等)可能会消耗很长时间,但是我记录了所有内容,发现SSL_accept一直在吃东西。 

int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
{
    return preverify_ok;
}    
void somemethod() {    
    SSL *ssl  = 0;
    SSL_CTX *tlsctx = 0;
    int ret_conn = -1;
    tlsctx = SSL_CTX_new( SSLv23_method());

    SSL_CTX_use_certificate_file(tlsctx, sCert , SSL_FILETYPE_PEM);

    SSL_CTX_use_PrivateKey_file(tlsctx, sKey , SSL_FILETYPE_PEM);

        RAND_write_file(sRandomPem);
        int _rand_loaded = RAND_load_file(sRandomPem, -1 );   

        if(! SSL_CTX_load_verify_locations(tlsctx, sCACert, NULL))
        {
            // TODO //  /* Handle error here */     
        }
        SSL_CTX_set_verify( tlsctx, SSL_VERIFY_PEER, verify_callback );

        ssl = SSL_new(tlsctx);

        int _error = SSL_ERROR_WANT_READ;

        int loopCount  = 0;


        // START MEASURING TIME FROM HERE
        SSL_set_fd(ssl, _sck);
        while(ret_conn != 1 ) 
        {
            loopCount++;

            ret_conn = SSL_accept(ssl);

            _error = SSL_get_error(ssl, ret_conn);
            switch (_error) 
            { 
            case SSL_ERROR_NONE: 
                    break; 
            case SSL_ERROR_WANT_WRITE: 
                    break; 
            case SSL_ERROR_WANT_READ: 
                    break; 
            case SSL_ERROR_WANT_X509_LOOKUP: 
                    break; 
            case SSL_ERROR_SYSCALL: 
                    break; 
            case SSL_ERROR_SSL: 
                    break; 
            case SSL_ERROR_ZERO_RETURN: 
                    break; 
            } 

            if( _error == SSL_ERROR_WANT_READ || _error == SSL_ERROR_WANT_WRITE)
            { 
                Sleep(1);
            } else
            {
                break;
            }
        }

        if( ret_conn < 1)
        {
            Log("SSL_accept -1 ", ERR_error_string(_error, NULL));
            return;
        }
        // MEASURING END HERE, takes ~200ms (on successfully accepting connection)
}

1 个解决方案

解决方案1
 1 已采纳  2012-09-07 19:56:46

To my knowledge, SSL_accept is a blocking function, which waits for your client to connect. 据我所知, SSL_accept是一个阻止函数,它等待您的客户端连接。 If your client connect 200 ms later than the beginning for the SSL_accept call, then you will measure that waiting time. 如果您的客户端比SSL_accept调用的开始时间晚200毫秒连接,那么您将测量该等待时间。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 OpenSSL ssl_accept() 错误 5 - OpenSSL ssl_accept() error 5 OpenSSL握手(SSL_accept)毫秒级缓慢 - Openssl handshake (SSL_accept) is slow in milliseconds SSL_accept()抛出“无效参数”错误 - SSL_accept() throws “Invalid argument” error SSL_connect()和SSL_accept()调用 - SSL_connect() and SSL_accept() calls 调用fork()后SSL_accept挂起 - SSL_accept hangs after calling fork() Winsock 200ms延迟问题 - Winsock 200ms delay issue 字符串迭代延迟 200 毫秒 - string Iteration delay by 200ms SSL_accept上的节俭随机崩溃 - Thrift random crashes on SSL_accept SSL_accept返回SSL_ERROR_SSL - SSL_accept returns SSL_ERROR_SSL 字节[256]的Boost :: serial_port和asio :: async_write超过200毫秒 - Boost::serial_port and asio::async_write for byte[256] exceeds 200ms
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM