以下是curl --trace-time https://...
的一些输出,该输出显示TLS握手过程中存在0.2秒的延迟。关于这可能是什么的任何想法?我尝试了各种密码选项,但这种效果仍然存在。它也似乎不是外部因素(例如DNS查找)的结果。
13:48:11.168371 * Connected to maas.its.iastate.edu (10.24.107.84) port 443 (#0)
13:48:11.168721 * SSLv3, TLS handshake, Client hello (1):
13:48:11.168761 } [data not shown]
13:48:11.183236 * SSLv3, TLS handshake, Server hello (2):
13:48:11.183348 { [data not shown]
13:48:11.183894 * SSLv3, TLS handshake, CERT (11):
13:48:11.183938 { [data not shown]
13:48:11.375841 * SSLv3, TLS handshake, Server finished (14):
13:48:11.375898 { [data not shown]
13:48:11.376106 * SSLv3, TLS handshake, Client key exchange (16):
13:48:11.376142 } [data not shown]
13:48:11.376203 * SSLv3, TLS change cipher, Client hello (1):
13:48:11.376240 } [data not shown]
13:48:11.376334 * SSLv3, TLS handshake, Finished (20):
13:48:11.376369 } [data not shown]
13:48:11.392527 * SSLv3, TLS change cipher, Client hello (1):
13:48:11.392585 { [data not shown]
13:48:11.392677 * SSLv3, TLS handshake, Finished (20):
13:48:11.392715 { [data not shown]
13:48:11.392788 * SSL connection using RC4-SHA
13:48:11.392825 * Server certificate: [cert details not shown]
13:48:11.393077 * SSL certificate verify ok.
13:48:11.393146 > GET /maas/example HTTP/1.1
13:48:11.409146 { [data not shown]
13:48:11.409438 * Closing connection #0
最佳答案
在strace
下运行它,并使用-tt
选项:
http://linux.die.net/man/1/strace
像这样:
strace -o /output/file -f -tt curl ...
输出将向您显示挂起的位置-至少在系统调用挂起的级别上。
关于performance - 是什么导致TLS握手延迟?,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/29756289/