WWW ::使用SSL的机械化工作,但响应速度慢
问题描述:
我使用WWW::Mechanize与运行其自己的基于SSLv3的Web服务器的硬件进行HTTPS连接。WWW ::使用SSL的机械化工作,但响应速度慢
我的代码有效,但对get(),submit()和click()的响应慢慢回来,范围从6秒到12秒。
存在导致服务器的IP地址与其在证书中使用的IP地址不同的配置问题。出于这个原因,我暂时忽略了主机名验证。
这可能是WWW :: Mechanize速度慢的原因。但是,使用常规Web浏览器执行相同的功能时没有任何缓慢。我在Solaris 10(sparc)上运行,使用Perl 5.20.1和OpenSSL 0.7.9d。当与其他服务器进行正常的HTTP连接时,机械化运行速度很快。
我也尝试了所有的代理别名。没提升。
use WWW::Mechanize;
$ENV{HTTPS_VERSION} = 3; # Try SSLv3 first
$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = 0; # Ignore verification
my $agent = WWW::Mechanize->new(autocheck => 1);
$agent->get($https_url);
$agent->credentials($username, $password);
$agent->get($status_url);
print "$agent->{content}\n";
$agent->form_number(2);
$agent->click();
print "$agent->{content}\n";
UPDATE:
我OpenSSL更新至1.0.1j和重新编译的Net :: SSLeay的1.66。我还将IO :: Socket :: SSL更新为2.002。我仍然看到了同样的行为。
然后,我重新编译了LWP :: Protocol :: https 6.0.6和WWW :: Mechanize 1.73以获得较好的效果。同样的行为。
我将use IO::Socket::SSL qw(debug3);添加到我的脚本中。我可以在调试输出中看到6秒的延迟。
Fetching initial page...
DEBUG: .../IO/Socket/SSL.pm:2537: new ctx 11476520
DEBUG: .../IO/Socket/SSL.pm:529: socket not yet connected
DEBUG: .../IO/Socket/SSL.pm:531: socket connected
DEBUG: .../IO/Socket/SSL.pm:553: ssl handshake not started
DEBUG: .../IO/Socket/SSL.pm:589: not using SNI because hostname is unknown
DEBUG: .../IO/Socket/SSL.pm:640: set socket to non-blocking to enforce timeout=180
DEBUG: .../IO/Socket/SSL.pm:653: Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:663: ssl handshake in progress
DEBUG: .../IO/Socket/SSL.pm:673: waiting for fd to become ready: SSL wants a read first
DEBUG: .../IO/Socket/SSL.pm:693: socket ready, retrying connect
DEBUG: .../IO/Socket/SSL.pm:653: Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:663: ssl handshake in progress
DEBUG: .../IO/Socket/SSL.pm:673: waiting for fd to become ready: SSL wants a read first
# >>> There's a 6 second delay here <<<
DEBUG: .../IO/Socket/SSL.pm:693: socket ready, retrying connect
DEBUG: .../IO/Socket/SSL.pm:653: Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:708: ssl handshake done
DEBUG: .../IO/Socket/SSL.pm:2570: free ctx 11476520 open=11476520
DEBUG: .../IO/Socket/SSL.pm:2582: OK free ctx 11476520
Credentials...
Fetching status page...
DEBUG: .../IO/Socket/SSL.pm:2537: new ctx 11476520
DEBUG: .../IO/Socket/SSL.pm:529: socket not yet connected
DEBUG: .../IO/Socket/SSL.pm:531: socket connected
DEBUG: .../IO/Socket/SSL.pm:553: ssl handshake not started
DEBUG: .../IO/Socket/SSL.pm:589: not using SNI because hostname is unknown
DEBUG: .../IO/Socket/SSL.pm:640: set socket to non-blocking to enforce timeout=180
DEBUG: .../IO/Socket/SSL.pm:653: Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:663: ssl handshake in progress
DEBUG: .../IO/Socket/SSL.pm:673: waiting for fd to become ready: SSL wants a read first
DEBUG: .../IO/Socket/SSL.pm:693: socket ready, retrying connect
DEBUG: .../IO/Socket/SSL.pm:653: Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:663: ssl handshake in progress
DEBUG: .../IO/Socket/SSL.pm:673: waiting for fd to become ready: SSL wants a read first
# >>> Another 6 second delay <<<
DEBUG: .../IO/Socket/SSL.pm:693: socket ready, retrying connect
DEBUG: .../IO/Socket/SSL.pm:653: Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:708: ssl handshake done
DEBUG: .../IO/Socket/SSL.pm:2570: free ctx 11476520 open=11476520
DEBUG: .../IO/Socket/SSL.pm:2582: OK free ctx 11476520
DEBUG: .../IO/Socket/SSL.pm:2537: new ctx 11476520
DEBUG: .../IO/Socket/SSL.pm:529: socket not yet connected
DEBUG: .../IO/Socket/SSL.pm:531: socket connected
DEBUG: .../IO/Socket/SSL.pm:553: ssl handshake not started
DEBUG: .../IO/Socket/SSL.pm:589: not using SNI because hostname is unknown
DEBUG: .../IO/Socket/SSL.pm:640: set socket to non-blocking to enforce timeout=180
DEBUG: .../IO/Socket/SSL.pm:653: Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:663: ssl handshake in progress
DEBUG: .../IO/Socket/SSL.pm:673: waiting for fd to become ready: SSL wants a read first
DEBUG: .../IO/Socket/SSL.pm:693: socket ready, retrying connect
DEBUG: .../IO/Socket/SSL.pm:653: Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:663: ssl handshake in progress
DEBUG: .../IO/Socket/SSL.pm:673: waiting for fd to become ready: SSL wants a read first
# >>> Another 6 second delay <<<
DEBUG: .../IO/Socket/SSL.pm:693: socket ready, retrying connect
DEBUG: .../IO/Socket/SSL.pm:653: Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:708: ssl handshake done
DEBUG: .../IO/Socket/SSL.pm:2570: free ctx 11476520 open=11476520
DEBUG: .../IO/Socket/SSL.pm:2582: OK free ctx 11476520
Submitting form...
# Repeat of behavior when fetching the initial page, except ctx is 12700768
SOLUTION:
这里是在我与斯蒂芬的谈话中说明的更改我的工作脚本。保持活力是解决方案。
use WWW::Mechanize;
use IO::Socket::SSL qw(debug3); # Turn on level 3 debug
use LWP::ConnCache;
$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = 0; # Ignore verification
my $agent = WWW::Mechanize->new(autocheck => 1);
$agent->conn_cache(LWP::ConnCache->new); # Enable keep-alive
$agent->get($https_url);
$agent->credentials($username, $password);
$agent->get($status_url);
$agent->form_number(2);
$agent->click();
答
有是造成服务器的IP地址,从它的证书中使用一个不同的配置问题。出于这个原因,我暂时忽略了主机名验证。
更好地使用IO :: Socket :: SSL的SSL_verifycn_name设置来定义您希望在证书中使用哪个名称。
这可能是WWW :: Mechanize缓慢的原因。
可能不是,因为您只是禁用检查。禁用不会使速度变慢,但启用速度也不会变慢,因为这些检查速度很快并且不需要任何其他网络活动。
我在Solaris 10(sparc)上运行,使用Perl 5.20.1和OpenSSL 0.7.9d。
我怀疑你使用的是0.7.9d,你的意思可能是0.9.7d。它仍然是一个非常不寻常的配置,即使用具有10年历史的OpenSSL版本的现代Perl。我建议你使用当前版本,也许你的问题就会消失。
但是,使用常规Web浏览器执行相同功能时没有任何缓慢。
当前的浏览器使用现代TLS堆栈,它具有更高效的密码,会话恢复等。再次尝试使用最新版本的OpenSSL。
感谢您收到有关SSL_verifycn的提示。我会试一试。你是对的。它是0.9.7d,这是一个不寻常的配置。如果我升级OpenSSL,我想我将不得不更新一些Perl模块,比如Net :: SSLeay。我没有Crypt :: SSLeay,我不认为我使用的是WWW :: Mechanize。我会尽快发布我的结果。 – MikeU 2014-10-28 22:18:10
WWW :: Mechanize使用LWP :: UserAgent,它自6.0版默认使用IO :: Socket :: SSL。 IO :: Socket :: SSL本身使用Net :: SSLeay。 Crypt :: SSLeay在6.0之前的LWP版本中使用。由于您明确禁用了主机名的检查,因此您必须使用IO :: Socket :: SSL后端,因为Crypt:SSLeay无论如何都不检查主机名。所以它应该足以重新编译Net :: SSLeay。 – 2014-10-29 05:31:14
我更新到OpenSSL 1.0.1j,并将结果添加到我上面的原始帖子中。 – MikeU 2014-10-29 22:27:53