Comments (9)
有性能报告吗?
from ecapture.
公司内网数据发不出来,这个在第一个wget下很好复现,我可以口述一下,使用nginx在本机启动,然后本地使用 wget https://xxxx
下载一个大文件,观察ecapture关闭前后的两次下载带宽就可以发现明显影响。如果是第二种的话,同样针对刚才的Nginx服务,使用
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>
#define SERVER "127.0.0.1"
#define PORT 443
#define REQUEST "GET / HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
#define TEST_CNT 10000000
char g_requests[TEST_CNT][strlen(REQUEST) + 1];
int create_socket(const char *host, int port) {
int sockfd;
struct sockaddr_in dest_addr;
sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (sockfd == -1) {
perror("socket");
exit(EXIT_FAILURE);
}
dest_addr.sin_family = AF_INET;
dest_addr.sin_port = htons(port);
dest_addr.sin_addr.s_addr = inet_addr(host);
memset(&(dest_addr.sin_zero), '\0', 8);
if (connect(sockfd, (struct sockaddr *)&dest_addr, sizeof(struct sockaddr)) == -1) {
perror("connect");
exit(EXIT_FAILURE);
}
return sockfd;
}
void init_request() {
int i;
for (i = 0; i < TEST_CNT; i++) {
memcpy(g_requests[i], REQUEST, strlen(REQUEST));
}
}
int main() {
SSL_CTX *ctx;
SSL *ssl;
int server;
char reply[4096];
SSL_library_init();
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
ctx = SSL_CTX_new(TLS_client_method());
if (ctx == NULL) {
ERR_print_errors_fp(stderr);
exit(EXIT_FAILURE);
}
server = create_socket(SERVER, PORT);
ssl = SSL_new(ctx);
SSL_set_fd(ssl, server);
SSL_connect(ssl);
init_request();
int request_len = strlen(REQUEST);
// Perform SSL_write performance test
int i;
for (i = 0; i < TEST_CNT; i++) {
char *request = g_requests[i];
int bytes_written = SSL_write(ssl, request, request_len); // Perform SSL_write
if (bytes_written <= 0) {
fprintf(stderr, "SSL_write failed\n");
ERR_print_errors_fp(stderr);
break;
}
}
SSL_read(ssl, reply, sizeof(reply)); // Read server response
SSL_free(ssl);
close(server);
SSL_CTX_free(ctx);
return 0;
}
去运行,性能差异大概是 开启前 6s左右跑完,开启后,30s跑完,
from ecapture.
启用eCapture 的命令是什么?
另外,你可以试试 keylog模式,只HOOK了一个函数,性能开销比较小,之后你用wireshark来读取。
./ecapture tls -m keylog -keylogfile=openssl_keylog.log
from ecapture.
避免刷屏影响,使用的就是这个输出文件模式。这个您可以测试一下,应该不难复现。
from ecapture.
你的服务器系统版本是哪个? openssl的类库版本呢?
from ecapture.
Ubuntu2204,libssl.so.6
from ecapture.
from ecapture.
优化结果来了,10000000
次的数据发送,耗时从30
降低到7.1
,比不启用eCapture
多了1.5
S,目前先做到这样,可以试试PR #471
from ecapture.
ping?
from ecapture.
Related Issues (20)
- module run failed, [skip it]. error:EBPFProbeOPENSSL couldn't find asset open user/bytecode: file does not exist HOT 5
- SSL_in_before hook点在openssl 1.0.2k的系统上找不到符号表 HOT 4
- 执行时报Permission denied HOT 4
- 数据抓不全的问题 HOT 8
- 获取https request response header+ body HOT 5
- BoringSSL is not supported on linux HOT 4
- Keylog capture not working with OpenSSL 1.1.0 HOT 3
- support updated versions of OpenSSL such as 1.1.1u, v, w, etc.
- masterKey被多次写入pcapng文件中 HOT 3
- load bpf failed on kernel 4.18.0
- android version compilation has failed. HOT 1
- gotls shared object not supported HOT 11
- FTL module run failed, skip it. error="couldn't init manager xxx error:program probe_entry_SSL_read HOT 3
- unsupported arch library HOT 2
- ecapture cannot work on linux with boringssl HOT 9
- panic on pixel 6 pro(android13) HOT 1
- tls module couldn't find binPath stat /usr/lib/firefox/libnspr4.so: no such file or directory HOT 6
- the handshake State judgment is not completely accurate on boringssl with the branch main-with-bazel HOT 8
- 使用-l参数时出现WRN failed to create multiLogger error="open : no such file or directory" HOT 1
- master secret length is too long for every connection HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ecapture.