<629>getini ok
<629>init ssl ok
<629>before connect
<629>BIO_new_ssl_connect...
<629>BIO_new_ssl@bio_ssl.c
<629>SSL_set_connect_state
<629>set mode ok
<629>set ipport ok
<629>[ssl connect
<629>2
<629>ssl_do_handshake[
<629>ssl_check ok
<629>ssl_init,before ok, func...
<629>int ssl 23_connect(SSL *s)[
<629>times=0
<629>state=5000
<629>times=1
<629>state=1210
<629>times=2
<629>state=1220
<629>ssl23_get_server_hello(SSL *s)
<630>int SSL_connect(SSL *s)[
<630>int ssl 3_connect(SSL *s)[
<630>times=0
<630>state=1120
<630>times=1
<630>state=1130
<630>times=2
<630>state=1140
<630>BN_mod_exp_mont
<630>times=3
<630>state=1150
<630>times=4
<630>state=1160
<630>times=5
<630>state=1180
<630>SSL3_ST_CW_KEY_EXCH_A[
<630>else if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd)):
<630>1
<630>1.5
<630>static int generate_key(DH *dh)[
<630>gen key?
<630>yes
<630>mod exp
<630>BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx)
<630>BN_mod_exp_mont_word
--!!!!这里用了7秒!
<637>ok
<637>gen key]
<637>2
<637>static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)[
<637>mod exp
<637>BN_mod_exp_mont(r,a,p,m,ctx,m_ctx)
<637>BN_mod_exp_mont
--!!!!这里用了9秒!
<646>bn2bin
<646>ok
<646>ret]
<646>3
<646>4
<646>5
<646>6
<646>7
<646>out
<646>out1
<646>before ret, ssl3_do_write(s,SSL3_RT_HANDSHAKE)...
<646>goto end?
<646>s->s3->tmp.new_cipher->algorithms...
<646>SSL3_ST_CW_KEY_EXCH_A]
<646>times=6
<646>state=11a0
<646>times=7
<646>state=11b0
<646>times=8
<646>state=1100
<646>times=9
<646>state=11d0
<646>times=10
<646>state=3
<646>int ssl3_connect(SSL *s)]
<646>int ssl3_connect(SSL *s)]
<646>]ssl_do_handshake
<646>hankshake ok
<646>]ssl connect
<646>connect ok
那看来没办法优化了。。。。
只能看看是否可以让它不要每次连接都重新计算、生成新的key。。。。这样安全性可能会降一点。。。。
| -ICP -IDC -ISP |