Comments (9)
cfc4n
commented on June 12, 2024
有性能报告吗?
from ecapture.
yifannir
commented on June 12, 2024
公司内网数据发不出来,这个在第一个wget下很好复现,我可以口述一下,使用nginx在本机启动,然后本地使用 wget https://xxxx 下载一个大文件,观察ecapture关闭前后的两次下载带宽就可以发现明显影响。如果是第二种的话,同样针对刚才的Nginx服务,使用
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>
#define SERVER "127.0.0.1"
#define PORT 443
#define REQUEST "GET / HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
#define TEST_CNT 10000000
char g_requests[TEST_CNT][strlen(REQUEST) + 1];
int create_socket(const char *host, int port) {
int sockfd;
struct sockaddr_in dest_addr;
sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (sockfd == -1) {
perror("socket");
exit(EXIT_FAILURE);
}
dest_addr.sin_family = AF_INET;
dest_addr.sin_port = htons(port);
dest_addr.sin_addr.s_addr = inet_addr(host);
memset(&(dest_addr.sin_zero), '\0', 8);
if (connect(sockfd, (struct sockaddr *)&dest_addr, sizeof(struct sockaddr)) == -1) {
perror("connect");
exit(EXIT_FAILURE);
}
return sockfd;
}
void init_request() {
int i;
for (i = 0; i < TEST_CNT; i++) {
memcpy(g_requests[i], REQUEST, strlen(REQUEST));
}
}
int main() {
SSL_CTX *ctx;
SSL *ssl;
int server;
char reply[4096];
SSL_library_init();
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
ctx = SSL_CTX_new(TLS_client_method());
if (ctx == NULL) {
ERR_print_errors_fp(stderr);
exit(EXIT_FAILURE);
}
server = create_socket(SERVER, PORT);
ssl = SSL_new(ctx);
SSL_set_fd(ssl, server);
SSL_connect(ssl);
init_request();
int request_len = strlen(REQUEST);
// Perform SSL_write performance test
int i;
for (i = 0; i < TEST_CNT; i++) {
char *request = g_requests[i];
int bytes_written = SSL_write(ssl, request, request_len); // Perform SSL_write
if (bytes_written <= 0) {
fprintf(stderr, "SSL_write failed\n");
ERR_print_errors_fp(stderr);
break;
}
}
SSL_read(ssl, reply, sizeof(reply)); // Read server response
SSL_free(ssl);
close(server);
SSL_CTX_free(ctx);
return 0;
}去运行,性能差异大概是 开启前 6s左右跑完,开启后,30s跑完,
from ecapture.
cfc4n
commented on June 12, 2024
启用eCapture 的命令是什么?
另外,你可以试试 keylog模式,只HOOK了一个函数,性能开销比较小,之后你用wireshark来读取。
./ecapture tls -m keylog -keylogfile=openssl_keylog.logfrom ecapture.
yifannir
commented on June 12, 2024
避免刷屏影响,使用的就是这个输出文件模式。这个您可以测试一下,应该不难复现。
from ecapture.
cfc4n
commented on June 12, 2024
你的服务器系统版本是哪个? openssl的类库版本呢?
from ecapture.
yifannir
commented on June 12, 2024
Ubuntu2204,libssl.so.6
from ecapture.
cfc4n
commented on June 12, 2024
确实存在这个性能问题,我近期尝试优化一下。
from ecapture.
cfc4n
commented on June 12, 2024
优化结果来了,10000000次的数据发送,耗时从30降低到7.1,比不启用eCapture多了1.5S,目前先做到这样,可以试试PR #471
from ecapture.
cfc4n
commented on June 12, 2024
ping?
from ecapture.
Related Issues (20)
- module run failed, [skip it]. error:EBPFProbeOPENSSL couldn't find asset open user/bytecode: file does not exist HOT 5
- SSL_in_before hook点在openssl 1.0.2k的系统上找不到符号表 HOT 4
- 执行时报Permission denied HOT 4
- 数据抓不全的问题 HOT 8
- 获取https request response header+ body HOT 5
- BoringSSL is not supported on linux HOT 4
- Keylog capture not working with OpenSSL 1.1.0 HOT 3
- support updated versions of OpenSSL such as 1.1.1u, v, w, etc.
- masterKey被多次写入pcapng文件中 HOT 3
- load bpf failed on kernel 4.18.0
- android version compilation has failed. HOT 1
- gotls shared object not supported HOT 11
- FTL module run failed, skip it. error="couldn't init manager xxx error:program probe_entry_SSL_read HOT 3
- unsupported arch library HOT 2
- ecapture cannot work on linux with boringssl HOT 9
- panic on pixel 6 pro(android13) HOT 1
- tls module couldn't find binPath stat /usr/lib/firefox/libnspr4.so: no such file or directory HOT 4
- the handshake state jude is not right on boringssl with the branch main-with-bazel HOT 6
- 使用-l参数时出现WRN failed to create multiLogger error="open : no such file or directory" HOT 1
- master secret length is too long for every connection
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ecapture.