views:

43

answers:

3

Hello there, The problem is, what I want to develop an application (probably PHP?), capable of making quick connection to a SSL secured server and send/get data from it. My aim is to make it send the query and read the result as quick as possible. I am trying various solutions and benchmarking them all. I have tried fsockopen() and CURL, however, wondering if there are any solutions how I could improve them?

Results are as follows: fsockopen():

  • Headers sent: 0.26755499839783;
  • Page received: 0.48934602737427;

CURL results:

  • [total_time] => 0.484
  • [pretransfer_time] => 0.281
  • [starttransfer_time] => 0.437

Questions are: 1) When the query is started to execute on the server, to which I connect - after headers are sent or after I get the page and connections closes? 2) Which is the exect time of CURL to which I should compare the fsockopen() result? Is starttransfer_time even before the headers are sent to server? This would mean that fsockopen() is faster, isn't it? 3) Any solutions how to tweak SSL connectivity on the server, on which the code is executed? Any tweaks possible to OpenSSL module of PHP (any possible downgrades of crypto?) to make it faster? 4) Any solution to go without SSL to SSL secured server? 5) Would C++ or other solution be any quicker in this case?

Any ideas are welcome :) I got obsessed by this "ms" race :)

Thanks, Jonas

+1  A: 

There is no close-form solution to your question.

About C++, it's true that PHP is interpreted and C++ is compiled+optimized, but all crypto libraries in PHP are in plain C, so compiled+optimized.

Making a shorter server key fastens the handshake phase a little, according to the server hardware. Also, most important, all network protocols that rely on TCP are affected by network delays when processing transactions, which are different in behaviour from data transfers (like FTP) because of the fact that they are synchronized.

Anyway...

1.You have to close the connection manually

4.Unless you want to write the full SSL protocol by yourself, better use the most performant library available, openSSL

5.Yes and no, at least you may get a performance increase but maybe not significant. In general, I would recommend it

djechelon
1. it seems the code is started to execute once you send headers and being executed before you start to get data. quite logic. the output page must be generated prior showing :)
flyeris
P.S. any ideas how ot make the shorter server key for handshake?
flyeris
Even if you make it 512 bytes, the minimum, handshare requires some time. Fractions of seconds but still TIME...
djechelon
A: 

A comment on your approach, in general, and a response to your question #2:

When you're creating benchmarks (i.e. comparing the relative performance of two or more different technology options), you should not be relying on timing information that is reported by the technology itself. The main reason is that it's difficult (unless you go digging through 3rd party code) to know exactly what is being reported, and of course, there is no way to make an exact comparison between two values that can not be guaranteed to represent the same measurement.

Instead, you should do the following:

  • write two pieces of code that are functionally identical—in other words, they do the exact same thing, with the same algorithm, operating on the same data, etc, etc... —with the only difference being that one uses one technology (eg. fsockopen), while the other uses the other technology (eg. CURL).

  • now, wrap both pieces of code in identical loops that will call the code repeatedly for some large number of times (eg. 1000). You want your total execution time to be something in the range of 10-seconds or more for each batch of trials.

  • finally, wrap each loop (one that tries CURL, and a separate one that tries fsockopen) in two identical bits of timing code. Just capture the time (in millis, or micros) before you start the loop, then run all the cycles of the loop, then capture the time again, and subtract.

  • This will give you a much more representative picture of how well the two technologies actually perform. You can divide your final times by the number of iterations in your loop if you want, but its not necessary to do so as long as both tests ran the same number of iterations.

Side note: You may already know this, but when writing benchmark code in php, you should use the microtime function with the optional parameter, as follows:

<?php
  $start = microtime(true);
  /* run benchmark code */
  $elapsed = microtime(true) - $start;
  echo( "elapsed time: {$elapsed} microseconds");

the optional parameter on microtime is only available in php >5.0, so if you're still on php 4.x, then you'll have to store the two times as strings, then do some parsing after the fact in order to get them into numbers so you can do math with them. See php docs for microtime() for more details.

Lee
that's exactly, what I am doing. I can't compare cURL in steps as with fsockopen(), but the end result with fsockopen() seems to be quicker.
flyeris
A: 

You could use the fopen() https wrapper (with stream_context_create()) , although I don't know if it's faster than the other two or not.

netcoder
thanks for idea. other methods are quicker :)
flyeris