我编写了一个客户端应用程序来与第三方服务器应用程序对话。它的通信是通过使用 SslStream 类的 SSL 自定义端口进行的。
服务器允许永久连接,但我发现我必须在 60 秒内使用命令 ping 服务器才能保持合理的响应级别。 60 秒后,通讯仍然有效,但接收响应有明显延迟。它不会断开连接并重新连接。只是比平常需要更长的时间。在 60 秒内发送另一个命令又很快了。 60 秒后发送另一个命令会导致延迟。
就好像 60 秒后,SslStream 与服务器重新协商,使传输时间加倍。我知道 SSL 是基于会话的,这可能是原因吗?除了向服务器应用程序发送不必要的命令以使其保持活动状态之外,我还能做些什么吗?
我的代码如下(截取):
var client = new TcpClient();
client.NoDelay = true;
client.Connect("111.111.111.111", 6969);
var sslStream = new SslStream(client.GetStream(), true, new RemoteCertificateValidationCallback(ValidateServerCertificate), null);
sslStream.AuthenticateAsClient("111.111.111.111");
...
// The following method is invoked by the RemoteCertificateValidationDelegate.
private bool ValidateServerCertificate(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors policyErrors)
{
if (policyErrors == SslPolicyErrors.None)
return true;
else
return false;
}
希望有人能对此有所了解!
我的客户端应用程序是用以下语言编写的:
C# / .NET 2.0 和4.0
在 Windows 2003 和 2008 上托管,
谢谢
I have written a client app to talk to a third party server app. Its comms is over a custom port with SSL usng the SslStream class.
The server allows permanent connections however I've found I have to ping the server with a command within 60 seconds to maintain a reasonable level of responsiviness. After 60 seconds the comms still works but there is a noticable delay in receiving a response. It's not dropping the connection and reconnecting. It just takes longer than usual. Sending another command within 60 seconds is quick again. Sending another command after 60 seconds causes delays.
It's as if after 60 seconds the SslStream re-negotiates with the server doubling the transit time. I know SSL is session based, could this be the cause? Is there anything I can do, other than sending unnecessary commands to the server App to keep it alive?
My code is the below (snipped):
var client = new TcpClient();
client.NoDelay = true;
client.Connect("111.111.111.111", 6969);
var sslStream = new SslStream(client.GetStream(), true, new RemoteCertificateValidationCallback(ValidateServerCertificate), null);
sslStream.AuthenticateAsClient("111.111.111.111");
...
// The following method is invoked by the RemoteCertificateValidationDelegate.
private bool ValidateServerCertificate(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors policyErrors)
{
if (policyErrors == SslPolicyErrors.None)
return true;
else
return false;
}
Hope someone can shed some light on this!
My client app is written in:
C# / .NET 2.0 & 4.0
Hosted on Windows 2003 and 2008
Thanks
发布评论
评论(2)
一般来说,SSL 支持重新协商,因此情况确实如此。
另一个原因可能是服务器执行的部分代码在一分钟不活动后被交换到磁盘,以释放操作内存。当您发送请求时,应该再次读取该内存。如果块很大,这可能需要一些时间。
In general, SSL supports renegotiation so this can really be the case.
Another reason might be that the part of the code, executed by the server, is swapped to disk after a minute of inactivity, to free operating memory. When you send a request, this memory should be read again. If the block is large, this can take some time.
如果您想了解底层发生了什么,请尝试使用 Mentalis.org
他们提供了一个名为 SecureTcpClient 的类,您可以用它来替换 TcpClient。
警告:该库是为 .NET 1.0 和 1.1 框架设计的。它不适用于 .NET 2.0 框架;该框架支持安全库提供的大部分功能。我只会用它来弄清楚发生了什么。
If you want to know what is going on at a low level then instead of using SslStream try using the open source SSL library from Mentalis.org
They provide a class called SecureTcpClient which you can drop in to replace TcpClient.
WARNING: This library has been designed for the .NET 1.0 and 1.1 frameworks. It is not intended to be used on the .NET 2.0 framework; this framework supports most of the functionality that the Security Library offers. I would only use this to figure out what is going on.