SSL renegotiation

[Christiaan Lamprecht <ch...@googlemail.com>]

Hi all,

I'm new to JMeter and from the documentation it seems like it can do
what I need but I would be grateful for some help with a technical
question.

The question is about how JMeter responds to SSL renegotiation
requests from the server. So an example would be; The client sends a
HTTPS request to the server, the client waits for a reply, the server
does not send a reply but sends a SSL renegotiation request, a few
more messages are exchanged, the server finally sends the reply.

There are a few things which can affect how JMeter responds to this:
* Does the simulated JMeter client wait for a reply? and will it
respond to a renegotiation request instead?
* Is there any SSL state shared between the clients/threads/etc...
during the simulation
* If renegotiation occurs, will JMeter incorporate the renegotiation
time into the response time for that request?


Sorry for the extremely technical question on the users list, hope
some developers read this too.

Any help would be much appreciated

Many thanks
Christiaan

---------------------------------------------------------------------
To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jmeter-user-help@jakarta.apache.org

Re: SSL renegotiation

[sebb <se...@gmail.com>]

On 28/08/07, Christiaan Lamprecht <ch...@googlemail.com> wrote:
> > Except ...
> >
> > This was true for all but the SSL context, which was shared between
> > threads in 2.2 and earlier.
> >
> > Version 2.3RC3 changed the SSL context to be per-thread; however there
> > was a bug that meant some of the objects were recreated too often.
> > This has been fixed in the current nightly build.
>
> Could you perhaps hint at a guess when it might peculate into one of
> the stable releases? Perhaps I should just use the 2.2 build or are
> the nightly builds usually ok-ish?

I'm hoping to release 2.3 final before too long, but there are no dates.

There are no guarantees for the nightly builds, but you may find that
they work OK for you.

> Thanks
> Christiaan
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: jmeter-user-help@jakarta.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jmeter-user-help@jakarta.apache.org

Re: SSL renegotiation

[Christiaan Lamprecht <ch...@googlemail.com>]

> Except ...
>
> This was true for all but the SSL context, which was shared between
> threads in 2.2 and earlier.
>
> Version 2.3RC3 changed the SSL context to be per-thread; however there
> was a bug that meant some of the objects were recreated too often.
> This has been fixed in the current nightly build.

Could you perhaps hint at a guess when it might peculate into one of
the stable releases? Perhaps I should just use the 2.2 build or are
the nightly builds usually ok-ish?


Thanks
Christiaan

---------------------------------------------------------------------
To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jmeter-user-help@jakarta.apache.org

Re: SSL renegotiation

[sebb <se...@gmail.com>]

On 23/08/07, Christiaan Lamprecht <ch...@googlemail.com> wrote:
> On 8/22/07, sebb <se...@gmail.com> wrote:
> > JMeter does not do any SSL, other than configuring the connection, so
> > any renegotiation is done by the SSL provider, i.e. by default JSSE in
> > Java 1.4.
>
> Thanks for the quick reply. Sounds like good news.
>
> > > There are a few things which can affect how JMeter responds to this:
> > > * Does the simulated JMeter client wait for a reply? and will it
> > > respond to a renegotiation request instead?
> > > * Is there any SSL state shared between the clients/threads/etc...
> > > during the simulation
> > > * If renegotiation occurs, will JMeter incorporate the renegotiation
> > > time into the response time for that request?
>
> FYI, anyone who's interested:
> * I think it's safe to assume the simulated client waits for a reply.
> * Seems then that the SSL state will also not be shared; see paragraph
> 2 under 4.1 http://jakarta.apache.org/jmeter/usermanual/test_plan.html

Except ...

This was true for all but the SSL context, which was shared between
threads in 2.2 and earlier.

Version 2.3RC3 changed the SSL context to be per-thread; however there
was a bug that meant some of the objects were recreated too often.
This has been fixed in the current nightly build.

> * Guess I'll have to wait and see
>
> Will try to update this when I'm done if anyone's interested
>
> Thanks again
> Christiaan
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: jmeter-user-help@jakarta.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jmeter-user-help@jakarta.apache.org

Re: SSL renegotiation

[Christiaan Lamprecht <ch...@googlemail.com>]

On 8/22/07, sebb <se...@gmail.com> wrote:
> JMeter does not do any SSL, other than configuring the connection, so
> any renegotiation is done by the SSL provider, i.e. by default JSSE in
> Java 1.4.

Thanks for the quick reply. Sounds like good news.

> > There are a few things which can affect how JMeter responds to this:
> > * Does the simulated JMeter client wait for a reply? and will it
> > respond to a renegotiation request instead?
> > * Is there any SSL state shared between the clients/threads/etc...
> > during the simulation
> > * If renegotiation occurs, will JMeter incorporate the renegotiation
> > time into the response time for that request?

FYI, anyone who's interested:
* I think it's safe to assume the simulated client waits for a reply.
* Seems then that the SSL state will also not be shared; see paragraph
2 under 4.1 http://jakarta.apache.org/jmeter/usermanual/test_plan.html
* Guess I'll have to wait and see

Will try to update this when I'm done if anyone's interested

Thanks again
Christiaan

---------------------------------------------------------------------
To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jmeter-user-help@jakarta.apache.org

Re: SSL renegotiation

[sebb <se...@gmail.com>]

JMeter does not do any SSL, other than configuring the connection, so
any renegotiation is done by the SSL provider, i.e. by default JSSE in
Java 1.4.

Presumably the Sun Java documentation can help answer these questions.

On 22/08/07, Christiaan Lamprecht <ch...@googlemail.com> wrote:
> Hi all,
>
> I'm new to JMeter and from the documentation it seems like it can do
> what I need but I would be grateful for some help with a technical
> question.
>
> The question is about how JMeter responds to SSL renegotiation
> requests from the server. So an example would be; The client sends a
> HTTPS request to the server, the client waits for a reply, the server
> does not send a reply but sends a SSL renegotiation request, a few
> more messages are exchanged, the server finally sends the reply.
>
> There are a few things which can affect how JMeter responds to this:
> * Does the simulated JMeter client wait for a reply? and will it
> respond to a renegotiation request instead?
> * Is there any SSL state shared between the clients/threads/etc...
> during the simulation
> * If renegotiation occurs, will JMeter incorporate the renegotiation
> time into the response time for that request?
>
>
> Sorry for the extremely technical question on the users list, hope
> some developers read this too.
>
> Any help would be much appreciated
>
> Many thanks
> Christiaan
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: jmeter-user-help@jakarta.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jmeter-user-help@jakarta.apache.org