攻城工具不适用于HTTPS网站 [英] Siege tool not working with HTTPS sites

问题描述

我正在使用CentOS 6.4中的Siege 3.0.3.

I am using Siege 3.0.3 from CentOS 6.4.

我的问题是:围攻"如何支持HTTPS协议?

My question is : how does 'Siege' supports HTTPS protocol?

到目前为止，使用此工具进行HTTP站点测试是可以的.

So far using this tool the HTTP sites testing is OK.

但是，在处理HTTPS网站时，我遇到了某些问题(所有问题都在下面描述).

But, I am facing certain issues (all described below) while dealing with the HTTPS sites.

根据某人的建议，为了使HTTPS能够正常工作，我已经使用openssl编译了围困.

As suggested by someone, to make HTTPS work I have compiled siege with openssl.

为此，我按照以下站点中提到的步骤进行操作. http://drewsymo.com/how-到/在centos-6-3/上安装siege-stress-tester/

For doing this, I followed the procedure as mentioned in the below site. http://drewsymo.com/how-to/installing-siege-stress-tester-on-centos-6-3/

简而言之，我运行了以下命令以使用openssl编译攻城战.

In brief, I ran the following commands for compiling siege with openssl.

cd /opt
wget http://www.openssl.org/source/openssl-1.0.1e.tar.gz
tar -zxvf openssl-1.0.1e.tar.gz
cd siege-3.0.3
./configure -with-ssl=/opt/openssl-1.0.1e
make && make install

在上述步骤中我没有收到任何警告或错误.

I did not got any warning or errors in the above steps.

但是，即使在此之后，在使用此工具处理HTTPs站点时，我仍得到以下结果.

But, even after this I am getting the below results while dealing with HTTPs sites using this tool.

问题#1

每当我设置多个匹配(例如1000、2000)时，都会出现以下错误.

Whenever I set many hits like 1000, 2000 I get the below error.

"Segmentation fault (core dumped)"

请注意，我已经运行了"ulimit -n 10000"命令来增加打开文件的数量.

Kindly note I have already ran the "ulimit -n 10000" command to increase the number of open files.

但是，这没有帮助.

问题#2

[root@localhost ~]# siege --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0" -c10 -r1 -t50S someHTTPSdomain.com
[error] CONFIG conflict: selected time and repetition based testing: No such file or directory
defaulting to time-based testing: 50 seconds
** SIEGE 3.0.3
** Preparing 10 concurrent users for battle.
The server is now under siege...
HTTP/1.1 302   0.09 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.11 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.08 secs:       0 bytes ==> GET  /
HTTP/1.1 302   3.09 secs:       0 bytes ==> GET  /
.....................
.....................
.....................

Then after many such hits exceeding the above defined 10 hits, I had to press Ctrl+C.

After that, it shows,

^C
Lifting the server siege...      done.

Transactions:                      0 hits
Availability:                   0.00 %
Elapsed time:                  18.70 secs
Data transferred:               0.00 MB
Response time:                  0.00 secs
Transaction rate:               0.00 trans/sec
Throughput:                     0.00 MB/sec
Concurrency:                    3.19
Successful transactions:          30
Failed transactions:              28
Longest transaction:           12.10
Shortest transaction:           0.07

FILE: /usr/local/var/siege.log
You can disable this annoying message by editing
the .siegerc file in your home directory; change
the directive 'show-logfile' to false.
[root@localhost ~]#

对于HTTPS网站，为什么交易总是显示0次点击?

Why the transactions showing 0 hits always in case of HTTPS sites?

即使指定了"-c10 -r1"，为什么HTTPS站点的滚动输出仍未停止?

Even after specifying "-c10 -r1" why the scrolling output not stopping for HTTPS sites?

还有，为什么所有HTTP响应对于HTTPS站点都显示30倍?

Also, why all the HTTP responses are showing 30X for HTTPS sites?

为什么此错误"[错误]配置冲突:选定的基于时间和重复的测试:没有此类文件或目录默认为基于时间的测试:50秒"一直显示?

Why this error "[error] CONFIG conflict: selected time and repetition based testing: No such file or directory defaulting to time-based testing: 50 seconds" keep showing?

无论如何，如果我从上述命令中删除了-t50S，则不会出现错误"[错误]配置冲突:选择的基于时间和重复的测试:没有此类文件或目录默认为基于时间的测试:50秒"

Anyway, if I remove the -t50S from the above command I do not get the error "[error] CONFIG conflict: selected time and repetition based testing: No such file or directory defaulting to time-based testing: 50 seconds".

但是，仍然将交易显示为0个匹配.见下文.

But, still it shows the transactions as 0 hits. See below.

[root@localhost ~]# siege --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0" -c10 -r1 someHTTPSdomain.com
** SIEGE 3.0.3
** Preparing 10 concurrent users for battle.
The server is now under siege...
HTTP/1.1 302   0.08 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.08 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.09 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.11 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.07 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.09 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.08 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.08 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.08 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.10 secs:       0 bytes ==> GET  /
done.

Transactions:                      0 hits
Availability:                   0.00 %
Elapsed time:                   2.14 secs
Data transferred:               0.00 MB
Response time:                  0.00 secs
Transaction rate:               0.00 trans/sec
Throughput:                     0.00 MB/sec
Concurrency:                    0.40
Successful transactions:          10
Failed transactions:              10
Longest transaction:            0.11
Shortest transaction:           0.07

FILE: /usr/local/var/siege.log
You can disable this annoying message by editing
the .siegerc file in your home directory; change
the directive 'show-logfile' to false.
[root@localhost ~]#

问题#3

另一件事，我注意到如果在HTTPS URL前面加上"https://"作为前缀，如下所示，我将得到这样的输出.

Another thing, I noticed if I prefix the HTTPS URL with a "https://" like the below, I get output like this.

[root@localhost ~]# siege --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0" -c10 -r1 https://someHTTPSdomain.com
** SIEGE 3.0.3
** Preparing 10 concurrent users for battle.
The server is now under siege...
done.

Transactions:                      0 hits
Availability:                   0.00 %
Elapsed time:                   1.06 secs
Data transferred:               0.00 MB
Response time:                  0.00 secs
Transaction rate:               0.00 trans/sec
Throughput:                     0.00 MB/sec
Concurrency:                    0.00
Successful transactions:           0
Failed transactions:              10
Longest transaction:            0.00
Shortest transaction:           0.00

FILE: /usr/local/var/siege.log
You can disable this annoying message by editing
the .siegerc file in your home directory; change
the directive 'show-logfile' to false.
[root@localhost ~]#

简单来说，没有HTTP或其他响应消息.

Simply, no HTTP or other response messages.

在处理HTTPS网站时，我对这些结果感到困惑.不清楚我在发出命令时是否做错了什么，或者这是该工具的错误或局限性.

I am confused with these results while dealing with the HTTPS sites. Not clear whether I did anything wrong while issuing the commands or it's some bug or limitation of this tool.

我想提到的是，在上述命令中，我通过在所有命令中使用"-user-agent = "来使用有效的Windows 8(使用Firefox浏览器)useragent. 我这样做只是为了替换默认的Siege用户代理" JoeDog/1.00 [en](X11; I; Siege 3.0.3)"，因为此默认Siege用户代理可能已在许多Web服务器中列入黑名单(不太确定).

I like to mention that in my above commands I have used a valid Windows 8 (using a Firefox browser) useragent by using "--user-agent=" in all the commands. I did like this only to replace the default Siege useragent which is "JoeDog/1.00 [en] (X11; I; Siege 3.0.3)" as this default Siege useragent might be blacklisted in many webservers (not so sure).

请某人指导.

谢谢.

推荐答案

正如另一篇帖子所述，您必须使用--with-ssl选项进行配置.此外，必须安装openssl开发标头.如果您没有SSL标头./configure，则make和make install将运行良好，并且它们将安装有效的攻城二进制文件，但它将无法处理HTTPS.

As another posted said, you have to configure using the --with-ssl option. Additionally, the openssl development headers must be installed. If you don't have the SSL headers ./configure, make and make install will run fine and they will install a working siege binary, but it won't be able to handle HTTPS.

这篇关于攻城工具不适用于HTTPS网站的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！